W3C home > Mailing lists > Public > public-web-notification@w3.org > March 2012

Re: static permission functions on Notification (was Feedback from Safari on Web Notifications)

From: Doug Turner <doug.turner@gmail.com>
Date: Wed, 14 Mar 2012 19:00:23 -0700
Cc: John Gregg <johnnyg@google.com>, Edward O'Connor <eoconnor@apple.com>, Maciej Stachowiak <mjs@apple.com>, Marcos Caceres <w3c@marcosc.com>, public-web-notification@w3.org
Message-Id: <1369DC9B-25F1-4109-BDAD-8565CA3B37BD@gmail.com>
To: Jon Lee <jonlee@apple.com>

On Mar 14, 2012, at 11:46 AM, Jon Lee wrote:

> 
> On Mar 13, 2012, at 1:49 PM, John Gregg <johnnyg@google.com> wrote:
> 
>> Well I agree that explicit permission models are not as good as implicit ones where that's possible. But some features do require explicit permission models, and I don't get the idea that simply having a single good way of doing that encourages bad behavior among feature designers.  I would hope that new features for the web platform (a relatively rare thing) are proceeding carefully as in this process here.
> 
> 
> Unfortunately, future spec authors might not proceed so thoughtfully. Spec authors already cite precedent as a reason for adopting existing patterns. After all, we should try to keep the Web platform coherent.
> 
> There are currently three different permissioning models used by Web APIs: implicit (drag-and-drop), on-demand (geolocation), and explicitly requested (notifications). Explicit permissioning is the least desirable of these three models, and we should discourage it whenever possible.
> 
> By only providing a generic API for explicit permissioning, we implicitly elevate that model to be the preferred approach for the whole Web platform. Thus far, the lack of a common API for *any* of the Web's permissioning models has forced spec authors to think hard about how permissioning should work in each case.
> 
> In another part of this thread, you said—and I agree—that providing the pattern to follow for explicit permissions is vitally important. We should consider writing a Note discussing the different permissioning models of Web APIs and the trade-offs among them. Spec authors could then refer to this Note when designing features requiring permissioning.
> 
> Jon


That sounds right.  We can add a non-normative advisory to implementors about using this explicit pattern.

Doug
Received on Thursday, 15 March 2012 02:00:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 17 December 2012 14:48:28 GMT