[W3C SysApps]: Supporting secure hosted and packaged web applications

Hi,

This is an input to the discussion on "App Model for the Open Web in SysApps WG aspect" at the TPAC Monday afternoon session.

Based on earlier discussion and the uncertainty about which parts of the Runtime and Security model should be standardized, I suggest:

* SysApps MUST support a concept of trusted (or privileged, as was the term in the old Runtime and Security Specification) hosted and packaged web applications that are allowed to access sensitive APIs. An application is defined to be trusted if the origin installing the application is trusted by the UA and the origin installing the application considers the application to be trustworthy. For hosted web applications the signature of the manifest defines whether the application is trusted or not. For packaged web applications the signature of the package defines whether the application is trusted or not.

* Default security restrictions should be defined that apply to these trusted web applications, but it MUST be possible to relax the restrictions on access to remote resources by definition of "Content Security Policies" in the app manifest file.

Specification input to the above is, for example, http://developer.chrome.com/extensions/contentSecurityPolicy.html and section 4 of the old SysApps Runtime and Security specification, http://www.w3.org/2012/sysapps/runtime/#privileged-applications.

It is an open question where these normative statements should go. Maybe as an additional section of the Manifest specification, http://www.w3.org/2012/sysapps/manifest/?

BR
  Claes


Claes Nilsson M.Sc.E.E
Master Engineer - Web Research
Advanced Application Labs

Sony Mobile Communications
Tel: +46 705 56 68 78
sonymobile.com<http://sonymobile.com/>


Received on Wednesday, 6 November 2013 11:40:13 UTC