W3C home > Mailing lists > Public > public-device-apis@w3.org > June 2010

Re: updates to Policy Framework and Profile

From: Paddy Byers <paddy.byers@gmail.com>
Date: Tue, 22 Jun 2010 22:21:26 +0100
Message-ID: <AANLkTikYQpX-Jii_6CQuA7kL9VLIKsLNRgn2TrhLJv3D@mail.gmail.com>
To: Suresh Chitturi <schitturi@rim.com>
Cc: Frederick.Hirsch@nokia.com, public-device-apis@w3.org
Hi Suresh,

While reviewing the framework document, I encountered the following:
>

I think your comments are all valid, and reflect the fact that the document
is still a bit disjointed, with a lot of text borrowed from other inpout
documents without all of the associated context.


> 1) Lack of definitions for 'access request' and 'access query'. I assume
> they are the same? It might be good to describe it in a subsection under
> core concepts.
>

In the input BONDI document, an access request is an attempted access by a
subject (ie web application or instantiated widget) to a protected resource.

An access query is a formal access control query, expressed in terms of the
subject and resource attributes, against the policy in the logical model.

An access query may be made at runtime, at the time of an actual access
attempt, or earlier (eg instantiation time or installation time).

2) Would it make sense to describe all the steps illustrated in logical
> model under "4.2 Processing Rules" section? Right now, it is split into
> "Processing Rules" and "Feature and Capability Processing Rules" which
> is somewhat mis-leading. For e.g. are these done independently or is it
> reasonable to say that they may be both may be evaluated in one shot?
>

Yes, I think this can be improved.


> 3) As stated earlier (in one of the conference calls), I think we need
> to understand the relation of this policy framework with the widgets
> specifications (i.e. configuration file that includes <feature> and WARP
> <access>). For example, how does the policy get evaluated in this case
> when both a policy file is present and "policy type" elements such as
> <feature> and <access> are declared in the widget package?
>

The <feature> and <access> elements in the widget configuration document are
an advertisement by the widget author that those resources are required by
the widget.

A policy, expressed via the policy framework, is the basis on which a UA
determines whether or not those requests are permitted.

Thanks - Paddy
Received on Tuesday, 22 June 2010 21:21:59 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:10 GMT