Re: API patterns and requirements from Rich Tibbett on 2010-06-21 (public-device-apis@w3.org from June 2010)

From: Rich Tibbett <rich.tibbett@gmail.com>
Date: Mon, 21 Jun 2010 11:47:17 +0100
To: Frederick.Hirsch@nokia.com
Cc: wmaslowski@opera.com, public-device-apis@w3.org
Message-ID: <AANLkTil2gf0SJGHvvlSA9Z_0pd-4410PiM2TyY2sIXhn@mail.gmail.com>

On Fri, Jun 18, 2010 at 4:35 PM, <Frederick.Hirsch@nokia.com> wrote:

> I think this demonstrates the value of an access control mechanism such as
> the Policy Framework, where each navigator.system.GET('item') triggers a
> policy decision based on policy, avoiding needless user interaction on each
> call while allowing the granularity as specified by policy.
>

 Yes. Or equally the ability for a web application to request a bunch of
system information in a single API request and only have one decision
needing to be made. The design of the System Information API should
facilitate both a simple, one-time user-explicited authorization or a policy
based authorization to occur in an equally straight forward way.

- Richard

Received on Monday, 21 June 2010 10:48:12 UTC