W3C home > Mailing lists > Public > public-sysapps@w3.org > June 2013

Re: [runtime] Privileged Applications Extensions spec proposal

From: Kostiainen, Anssi <anssi.kostiainen@intel.com>
Date: Thu, 27 Jun 2013 20:15:59 +0000
To: Jonas Sicking <jonas@sicking.cc>
CC: "public-sysapps@w3.org" <public-sysapps@w3.org>
Message-ID: <F574B5A9-4436-40A4-9124-BB0E93941AD0@intel.com>
On Jun 27, 2013, at 4:56 AM, Jonas Sicking <jonas@sicking.cc> wrote:

Thanks for the feedback and use cases.

[...]

> downloadSize and downloadUpdate() is needed to build a update-UI. I.e. it's needed if a store wants to put an "update now" button in the store if it detects that the app the user is viewing is installed but out-of-date. Or if an app wants to put a "I'm out of date, click here to update me" banner at the top of itself when it detects that it's out-of-date. In both cases you might want to show the user the update size so that the user can make a decision if he/she wants to download the update.

downloadSize and updateState are required to implement what you describe above -- which looks like a valid use case to me -- and should stay on the Application interface it seems.

And with some changes to the normative language in downloadUpdate() we could make it an implementation detail whether user's consent is required to download an update, something like: "If the user agent has a reason to believe the operation could be costly (e.g. in terms of roaming costs for data transfer, or for other reasons), then the user agent MAY run the following substeps: [prompt the user etc.]".

Does that sound reasonable?

Another options would be to leave it up to the OS to inform the user of a potentially costly network being used (e.g. when switching the network, and/or after every X amount of bytes transferred) and not tie this to the operation itself.

[...]

> The App API was designed such that the only actors which are able to get a references to an App object are ones that should be able to update the app.
> 
> I think that part of the security model is that installed apps should be able to use system resources (CPU, storage space, network bandwidth, etc) without having to ask the user for permission. There are simply too many good use cases for installed apps to use system resources and users generally expect them to be able to, that prompting each time it happens will be too annoying and will lessen the value of other, more important, prompts (like security prompts).

This reminds me of my task to improve the introduction to explain the differences from the web platform like features added, removed, or behaving differently.

Do you happen to have some documentation for Firefox OS that you'd like to contribute as input?

[...]

-Anssi
Received on Thursday, 27 June 2013 20:16:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:36:13 UTC