W3C home > Mailing lists > Public > public-sysapps@w3.org > April 2014

Re: Discussing security model of sysapps

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Tue, 01 Apr 2014 18:36:26 +0200
Message-ID: <533AEB0A.2000702@gmail.com>
To: Dave Raggett <dsr@w3.org>
CC: Wonsuk Lee <wonsuk11.lee@samsung.com>, Mounir Lamouri <mounir@lamouri.fr>, "public-sysapps@w3.org" <public-sysapps@w3.org>
On 2014-04-01 18:21, Dave Raggett wrote:
> 
> On 01/04/14 16:22, Anders Rundgren wrote:
>> On 2014-04-01 17:00, Dave Raggett wrote:
>> <snip>
>>> ...Where the highest level of trust is required, APIs
>>> may only be accessible to pre-installed apps. Such APIs may only work
>>> with a single such app.
>> To me this level sounds like OS/platform APIs which ought to be out of scope for sys-apps.
>>
>> It would in this case rather be the app itself that could be subject to some kind of standardization like e-mail, browser, etc.
>>
>> WebAPIs should IMO be limited to externally supplied apps.
> 
> Such an API is being proposed by the Automotive and Web Platform 
> Business Group for access to data made available over the vehicle's data 
> bus. More details at:
> 
>    http://www.w3.org/community/autowebplatform/
> 

Well, I didn't find any details. No reports have been published.

IMO, this looks like an entirely different creature than the web as we know it.
This is rather an IoT scheme which probably requires each participating "thing" to authenticate.
How the "things" get trusted is yet another story.

Anders
Received on Tuesday, 1 April 2014 16:36:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:36:20 UTC