- From: Martin Thomson <notifications@github.com>
- Date: Tue, 16 Dec 2014 13:53:29 -0800
- To: w3c/push-api <push-api@noreply.github.com>
- Message-ID: <w3c/push-api/pull/87/c67239236@github.com>
Unfortunately, I think that an A or B or C or D option creates more problems. I don't believe that the permissions API, as specified, is a good idea. Your proposal seems predicated on the notion that the consent model implied by the permissions API is the right way to address the general class of problems that we as browser developers don't yet know how to solve. I'll acknowledge that there are problems with the current scheme for acquiring consent, but that those are not the ones that this model aims to address. The proposed spec in fact avoids addressing any such concerns, it merely *is*. (This is my first encounter with that proposal, so maybe there is some context I'm missing.) I'd expect a longer discussion about what it means to obtain consent as a preface to any work on improving permissions. For instance, see [this post by Robert O'Callahan](http://robert.ocallahan.org/2011/06/permissions-for-web-applications_30.html), which sums up one view on this fairly tidily. The main advantage of the proposed permissions API seems to care more about streamlining the application and browser developer experience than it does about engaging on serving the needs of users. Secondly, the creation of a language for the expression of more granular preferences doesn't help improve the consistency of a user experience. The opposite is more likely true: different browsers can build consent interaction models that are not just superficially different, but fundamentally different. We've seen that even superficial differences in terms of the placement of dialogs has caused significant pain for applications using [getUserMedia](https://w3c.github.io/mediacapture-main/) (which is notably absent from permissions). There, what amounts to user agent sniffing is commonplace. The only reason it's not a full-blown inspection of `navigator.userAgent` is that applications are able to use the prefix on the API to detect which browser it is. Finally, I would rather have a model closer to the "ask forgiveness, not permission" for this particular grant. The distinction between stealthy and overt is only that way because we haven't got good accountability for the former in place. And I'm slowly coming around to the view that - once some form of consent is granted - the distinction is basically moot. If you would like that to be more concrete, I'm tending more toward 3a; as a simplification of 3c, it is quite attractive. And that probably wasn't what you were looking for. --- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/pull/87#issuecomment-67239236
Received on Tuesday, 16 December 2014 21:54:21 UTC