- From: Janusz Majnert <j.majnert@samsung.com>
- Date: Mon, 04 Mar 2013 08:14:10 +0100
- To: public-sysapps@w3.org
On 2013-03-01 18:24, Dave Raggett wrote: > On 27/02/13 22:01, Mounir Lamouri wrote: >> I think both systems should be allowed by the specification and I do not >> think that the specification should forces a particular system. My >> current idea is to have a chain of trust: >> - the runtime trusts some marketplaces; >> - the marketplace marks some applications as trusted. >> If the user install an application marked as trusted by the marketplace >> and the marketplace is trusted, the application will have access to >> privileged APIs. > > If the user marks a marketplace as trusted is there a way for the > marketplace to remove apps from the user's device, that have been found > to breach guidelines, and as such are untrusted? There should be. I'm not sure if we can assume that uninstalling such an app is the proper way to go - the app might hold some information valuable to the user. Besides, if the author of the app is not malicious, we should allow them to push an update. In WAC we decided that a "revoked" app was blocked from being run. This allowed the user to decide what to do with it. /Janusz
Received on Monday, 4 March 2013 07:14:34 UTC