Re: Security evaluation of an example DAP policy from Jonas Sicking on 2009-11-21 (public-device-apis@w3.org from November 2009)

From: Jonas Sicking <jonas@sicking.cc>
Date: Sat, 21 Nov 2009 00:14:27 -0800
To: Robin Berjon <robin@berjon.com>
Cc: Adam Barth <w3c@adambarth.com>, public-device-apis@w3.org, public-webapps WG <public-webapps@w3.org>
Message-ID: <63df84f0911210014w27cba1d7x76ccefa04ffecceb@mail.gmail.com>

On Fri, Nov 20, 2009 at 8:34 AM, Robin Berjon <robin@berjon.com> wrote:
> On Nov 20, 2009, at 00:22 , Adam Barth wrote:
>> It's emails like this that make me skeptical of the security work
>> being done in the device APIs working group.
>
> *sigh* I feel like a broken record. It feels like I've spent my time since TPAC involved in an endless repeat of the following discussion:
>
>  - "You must support security at the API definition level!!!1"
>  - "Yes. That is the plan. That is what we will do. We've already agreed to that."
>  - "Okay... But... You must support security at the API definition level!!!1"
>  - "..."
>
> DAP will handle security at the API definition level. Full stop.
>
> Now, there may be participants in the WG who believe that policy could *also* be used in browsers, or other such things. That may or may not be the possible, practical, doable, implementable, safe. You may or may not agree. The fact is, for the purpose of trusting that DAP will handle security at the API definition level, it doesn't matter because: DAP will handle security at the API definition level.
>
> If you don't like the policy stuff, don't implement the policy stuff. You can still implement the APIs because, you know what? DAP will handle security at the API definition level.
>
> If later a policy-based approach surfaces that changes your mind and makes you want to support it, that's also fine. But for the immediate purpose of creating DAP APIs that can work in browsers it doesn't matter because DAP will handle security at the API definition level.
>
> Is this clearer?
>
> Would people mind if we had this DAP conversation just on the DAP list and cut down on the cross-posting? It's not as if WebApps didn't see some traffic already.
>
> Oh, and yeah, DAP will handle security at the API definition level.

Imma let you finnish, but HTML has the greatest security of all times.
Of all times!

:)

Ok, in all seriousness. I don't think we'll be able to get any further
until there are actual API proposals on the table. At that point I
think the various browser vendors and other interested parties can
express actual concrete opinions on the security level of the API.

However I figured that people might be reluctant to come up with
proposals unless they know what the requirements were. And while I
don't think there are any hard and fast requirements, I was hoping to
shed some light on at least how we think about these things at
mozilla.

I do hope that that has become somewhat clearer. And I'm looking
forward to seeing actual proposals so that we can move from meta
discussions to technical discussions.

/ Jonas

Received on Saturday, 21 November 2009 08:15:30 UTC