- From: Marcos Caceres <marcosc@opera.com>
- Date: Tue, 16 Jun 2009 14:42:30 +0200
- To: Henri Sivonen <hsivonen@iki.fi>
- Cc: public-webapps <public-webapps@w3.org>, Arve Bersvendsen <arveb@opera.com>
Hi Henri, On Tue, Jun 2, 2009 at 3:19 PM, Arve Bersvendsen<arveb@opera.com> wrote: > On Tue, 02 Jun 2009 14:57:46 +0200, Henri Sivonen <hsivonen@iki.fi> wrote: > >> Please state the purpose of <feature>. (That it's for authorizing features >> that don't participate in the Web-oriented browser security model.) >> >> Please include a corresponding UA requirement to obtain authorization from >> the user for the features imported with <feature>. (It seems that the >> security aspect requires an authorization and doesn't make sense if the >> dangerous feature are simply imported silently.) As far as I can tell, the >> spec doesn't currently explain what the UA is supposed to do with the >> 'feature list' once built. > > Such authorization may be made in a number of other ways than 'from the > user'. A user agent distributor may for instance use signatures on > applications to determine that the feature is safe[1] to access. > > > [1] «Safe»: here meaning that an application signed with a particular > signature is in compliance with criteria regarding both security and > privacy-related concerns. Based on Arve and Robin's additional feedback, I've added the following to the spec as part of "The Feature Element" section: "How a user agent makes use of features depends on the user agent's security policy, hence activation and authorization requirements for features are beyond the scope of this specification." Is that satisfactory? -- Marcos Caceres http://datadriven.com.au
Received on Tuesday, 16 June 2009 12:43:24 UTC