- From: Thomas Roessler <tlr@w3.org>
- Date: Sat, 2 May 2009 00:59:33 +0200
- To: arun@mozilla.com
- Cc: Arthur Barstow <art.barstow@nokia.com>, w3c-ac-forum <w3c-ac-forum@w3.org>, public-device-apis@w3.org, Doug Turner <dougt@mozilla.com>, "L. David Baron" <dbaron@mozilla.com>, Philippe Le Hegaret <plh@w3.org>
On 1 May 2009, at 22:44, Arun Ranganathan wrote: > 1. While we welcome Nokia's "straw person" proposals as starting > points (and the royalty-free declarations on patents that accompany > the straw persons), we continue to be uncomfortable that a _new_ WG > is coined for the purpose of creating APIs exposed to scripting > contexts on the web. [...] At Mozilla, we don't see "special case" > APIs as only being fit for certain classes of devices, but for the > web as a whole on multiple devices. What rationale is provided for > the creation of a new WG? Please note the following conclusion from the workshop report: >> Workshop participants strongly agreed that APIs and security models >> used for widgets and more classical Web applications should be >> aligned as closely as possible. This requirement is expected to >> apply to current and future work in the Web Applications Working >> Group, and to additional work that might be chartered as a result >> of this workshop. -- http://www.w3.org/2008/security-ws/report In the room in London, there was clear support for a single, aligned set of APIs for the Web (and no forking for mobile devices or widgets), in line with your requirement above. "Device APIs", in this context, is probably a less than perfect name for the activity; I would suggest not reading more significance into it than it has. (The common denominator is that the proposed work is on APIs that make capabilities available to the Web platform which have previously been sandboxed out; unfortunately, that phrase makes for really cumbersome naming. ;-) Whatever the name, the "one set of APIs" point (while important!) seems largely orthogonal to the question how the work is best organized, and whether it's best dealt with in one WG or in several. > 3. In general, this activity leaves security as a consideration for > implementations, or at least as fodder for > _yet_another_working_group_ that may look at security implications. > There is merit in a security discussion; in fact, I'd rather see a > WG for security discussions alongside efficient charter amendments > to the Web Apps WG. Even this isn't ideal, since it would seem that > security may best be served by those designing individual APIs (at > least where implementations converge on a set of principles). A strong +1 to the need of a security discussion in this context. That's why the workshop had a strong security theme to it, and why I posted an outline for a possible charter in that space, based on the workshop results, two weeks ago: http://lists.w3.org/Archives/Public/public-device-apis/2009Apr/0000.html Comments on the proposed scope and approach in that note are more than welcome. -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 1 May 2009 22:59:48 UTC