W3C home > Mailing lists > Public > public-device-apis@w3.org > May 2012

Re: System Level APIs draft proposal

From: Jonas Sicking <jonas@sicking.cc>
Date: Fri, 4 May 2012 11:28:33 -0700
Message-ID: <CA+c2ei82i4s4xhjGj4vzAmFm8zXLy4oFztdM4tWv6cSoXQ-70g@mail.gmail.com>
To: Niklas Widell <niklas.widell@ericsson.com>
Cc: Doug Turner <dougt@mozilla.com>, "Carr, Wayne" <wayne.carr@intel.com>, "Tran, Dzung D" <dzung.d.tran@intel.com>, Robin Berjon <robin@berjon.com>, "public-device-apis@w3.org public-device-apis@w3.org" <public-device-apis@w3.org>
On Thu, May 3, 2012 at 1:30 AM, Niklas Widell
<niklas.widell@ericsson.com> wrote:
> However I think that for all APIs that we come up with, we need to define a
> security model along with the API. I suspect that in many cases it large
> parts will still be left up to the decision of the implementation, for
> example what various UI look like. However I think in all cases will we need
> to figure out a credible security model.
>
> When we are defining that security model that will likely determine what
> browser implementers will feel comfortable exposing to the pages that they
> render.
>
> / Jonas
>
>
> Will there be one such security model or many? Can one such security model
> seamlessly cover both restricted/controlled/curated environments and
> wild-web scenarios?

That depends on your definition of "security model" I guess.

What I mean is that we for all APIs that we develop, need to fully
describe how security is handled for them.

/ Jonas
Received on Friday, 4 May 2012 18:55:32 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:30 GMT