W3C home > Mailing lists > Public > public-device-apis@w3.org > November 2009

DAP and security (was: Rename “File API” to “FileReader API”?)

From: Dominique Hazael-Massieux <dom@w3.org>
Date: Thu, 12 Nov 2009 10:29:40 +0100
To: Maciej Stachowiak <mjs@apple.com>
Cc: Robin Berjon <robin@berjon.com>, public-device-apis@w3.org, public-webapps WG <public-webapps@w3.org>
Message-ID: <1258018180.7093.2094.camel@localhost>
Le mardi 10 novembre 2009 à 17:47 -0800, Maciej Stachowiak a écrit :
> I would be concerned with leaving file writing to DAP, because a  
> widely held view in DAP seems to be that security can be ignored while  
> designing APIs and added back later with an external "policy file"  
> mechanism.

Frederick already mentioned this isn’t the case at all, and I want to
strongly reject the notion that DAP is considering security as an
after-the-fact or out-of-band aspect in the design of its APIs.

Our charter clearly stipulates that our policy model “must be consistent
with the existing same origin policies (as documented in the HTML5
specification), in the sense that a deployment of the policy model in
Web browsers must be possible”.

In fact, most of models that have been discussed in this thread to
reduce the risks exposed by new APIs (sandbox for writing, user
interaction or markup-based element for sharing data) were already
mentioned as options by DAP WG participants during our F2F last week.

More generally, I don’t think assuming that DAP would create worse/less
secure APIs than WebApps or any other group would is either right nor
useful to ensure a good collaboration between our groups. And clearly,
we will actively be seeking feedback and input from the WebApps Working
Group when we produce new APIs, which should also contribute to reduce
the fears that we would get it all wrong :)

Regards,

Dom
Received on Thursday, 12 November 2009 09:30:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:01 GMT