W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009

Re: [WARP] Call for comments on pre-LC#2 of WARP spec; deadline 18 November

From: Robin Berjon <robin@berjon.com>
Date: Thu, 19 Nov 2009 12:36:43 +0100
Cc: Suresh Chitturi <schitturi@rim.com>, public-webapps@w3.org
Message-Id: <CC503EA2-3428-4E90-B9DA-7A136E4DF900@berjon.com>
To: marcosc@opera.com
On Nov 19, 2009, at 12:03 , Marcos Caceres wrote:
>> RATIONALE: The ability of having nested <feature> elements under the
>> <access> element, allows the widget authors to control access to a
>> specific set of (platform) features on a per resource/domain basis,
>> improving the overall access-control and Widgets security model.
> Can you describe the use cases here? I know for playing around with
> the blackberry emulator that you guys (RIM) already implement this.
> Can you give us some insight into the actual use case and rationale?
> What kinds of features are being tightly controlled by <access>?

That would be my question as well. To provide more detail, the idea is that remote resources accessed by widgets (in this case we're talking about <iframe> and <object> only I think) follow the normal web security model. I have qualms about having the widget model reach onto the web without very good reason for it.

It also makes WARP more complex  I would like to once again strongly reinforce the idea that WARP is intended to be extremely simple, and a stop-gap specification until DAP produces something appropriately powerful. The Feature Vault is guarded by an oversized Pistol Shrimp [0] with a bad temper. She will require a very strong use case for this sort of additional feature.

[0] http://www.youtube.com/watch?v=eKPrGxB1Kzc

Robin Berjon - http://berjon.com/
Received on Thursday, 19 November 2009 11:37:18 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:20 UTC