On Jun 2, 2009, at 14:57 , Henri Sivonen wrote: > Please include a corresponding UA requirement to obtain > authorization from the user for the features imported with > <feature>. (It seems that the security aspect requires an > authorization and doesn't make sense if the dangerous feature are > simply imported silently.) As far as I can tell, the spec doesn't > currently explain what the UA is supposed to do with the 'feature > list' once built. I don't think that that is a good idea. The purpose of <feature> is to provide a hook through which a widget may communicate with a security policy. What's in the security policy really isn't up to P+C to define (though it certainly should be defined somewhere else). Maybe it could ask the user, as you state, but maybe it could see that the widget was signed by a trusted party, or know that the device doesn't have any sensitive data for a given API, or maybe anything goes on the full moon. -- Robin Berjon - http://berjon.com/ Feel like hiring me? Go to http://robineko.com/Received on Tuesday, 2 June 2009 13:03:32 GMT
This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:31 GMT