W3C home > Mailing lists > Public > public-device-apis@w3.org > May 2009

Re: Seeking feedback on a new WG to specify APIs for device services

From: Thomas Roessler <tlr@w3.org>
Date: Sat, 2 May 2009 00:59:33 +0200
To: arun@mozilla.com
Message-Id: <428CF4A8-5BA8-4018-BAAF-AB40D4815553@w3.org>
Cc: Arthur Barstow <art.barstow@nokia.com>, w3c-ac-forum <w3c-ac-forum@w3.org>, public-device-apis@w3.org, Doug Turner <dougt@mozilla.com>, "L. David Baron" <dbaron@mozilla.com>, Philippe Le Hegaret <plh@w3.org>
On 1 May 2009, at 22:44, Arun Ranganathan wrote:

> 1. While we welcome Nokia's "straw person" proposals as starting  
> points (and the royalty-free declarations on patents that accompany  
> the straw persons), we continue to be uncomfortable that a _new_ WG  
> is coined for the purpose of creating APIs exposed to scripting  
> contexts on the web.  [...]  At Mozilla, we don't see "special case"  
> APIs as only being fit for certain classes of devices, but for the  
> web as a whole on multiple devices.  What rationale is provided for  
> the creation of a new WG?

Please note the following conclusion from the workshop report:
>> Workshop participants strongly agreed that APIs and security models  
>> used for widgets and more classical Web applications should be  
>> aligned as closely as possible. This requirement is expected to  
>> apply to current and future work in the Web Applications Working  
>> Group, and to additional work that might be chartered as a result  
>> of this workshop.

-- http://www.w3.org/2008/security-ws/report

In the room in London, there was clear support for a single, aligned  
set of APIs for the Web (and no forking for mobile devices or  
widgets), in line with your requirement above.  "Device APIs", in this  
context, is probably a less than perfect name for the activity; I  
would suggest not reading more significance into it than it has.

(The common denominator is that the proposed work is on APIs that make  
capabilities available to the Web platform which have previously been  
sandboxed out; unfortunately, that phrase makes for really cumbersome  
naming. ;-)

Whatever the name, the "one set of APIs" point (while important!)  
seems largely orthogonal to the question how the work is best  
organized, and whether it's best dealt with in one WG or in several.

> 3. In general, this activity leaves security as a consideration for  
> implementations, or at least as fodder for  
> _yet_another_working_group_ that may look at security implications.   
> There is merit in a security discussion; in fact, I'd rather see a  
> WG for security discussions alongside efficient charter amendments  
> to the Web Apps WG.  Even this isn't ideal, since it would seem that  
> security may best be served by those designing individual APIs (at  
> least where implementations converge on a set of principles).

A strong +1 to the need of a security discussion in this context.

That's why the workshop had a strong security theme to it, and why I  
posted an outline for a possible charter in that space, based on the  
workshop results, two weeks ago:


Comments on the proposed scope and approach in that note are more than  

Thomas Roessler, W3C  <tlr@w3.org>
Received on Friday, 1 May 2009 22:59:48 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:53:38 UTC