W3C home > Mailing lists > Public > public-device-apis@w3.org > May 2013

Re: [Permissions] Notification on Device API Access

From: Tobie Langel <tobie@fb.com>
Date: Fri, 31 May 2013 09:54:02 +0200
To: Alexandre Morgaut <Alexandre.Morgaut@4d.com>
CC: "public-device-apis@w3.org" <public-device-apis@w3.org>
Message-ID: <C3EEA3FC18174158BA2144BAD3A6DE43@fb.com>
On Thursday, May 30, 2013 at 4:54 PM, Alexandre Morgaut wrote:
> Current Browser implementations usually ask for user permission providing 3 buttons: "Allow", "Deny", "Always Allow"
> I didn't found if there was existing recommendation on on the way to ask user for permissions
> I only found this specification for now: http://www.w3.org/TR/api-perms/
> (in addition to behavior descriptions in the dedicated API specifications)
> More specifically I didn't found yet official recommendations proposing an "Always Allow" type of permission

[…]  
>  
> Of course I may have miss previous discussions on this topic. If you are aware of some of them, I'd be happy to know more on the current state of the art in this area

I understand your desire for standardization in this sector. It is one also often expressed by developers, so something I can strongly relate to.

The problem with standardizing user interaction with the permission layer is it completely prevents browser vendors from developing products targeted at specific market segments (e.g. you'd want super tight permission control in a device aimed at the military, but you'll want geolocation to be authorized by default in a GPS) or from coming up with innovative permission systems (e.g. whitelisting apps from certain domains, or apps trusted by friends, or automatically granting camera access when you're using a dedicated hardware button to take picture, etc.).

Hope this helps.

Best,

--tobie
Received on Friday, 31 May 2013 07:54:33 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:53:59 UTC