- From: Robin Berjon <robin@berjon.com>
- Date: Wed, 8 Feb 2012 22:55:43 +0100
- To: Jean-Claude Dufourd <jean-claude.dufourd@telecom-paristech.fr>
- Cc: public-webapps@w3.org
On Feb 2, 2012, at 09:51 , Jean-Claude Dufourd wrote: > JCD: I do not see why the granting of privileges should be implicit when some webapp is "installed". It all boils down to what "installation" means. For instance, if you take a super lightweight approach to it similar to Firefox's app tabs, it makes sense to automatically grant a few non-dangerous extra privileges such as the right to use Web Notifications or perhaps a greater local storage quota. > I believe Tim was hinting (through the use of the words "a selection of") at non-implicit, selective granting. The problem with explicit and selective granting is that it doesn't scale. It works if you one, maybe two privileges like say Geolocation and some extra storage space. If you start needing more then there is simply no known user interface that will not cause users to blanket agree to things without thinking about it. A lot of prompts (even non-modal asynch ones) will eventually end up being ignored if they pile up. We also looked at bundling but user testing shows people only read what's on the button they click on so you can't go that way either. We can't fix humans — thankfully, we can fix technology! The majority of useful features can be acquired with user mediation, without it even being bad UX. When we find limits to that model, we can start thinking about improvements but it's a really good step to take the Web to the next level. What's more, like Web Components it helps take browser vendors out of the critical path for a lot of innovation; which is great for everyone (including them). > Others in the thread have tried to clarify the "installation". > Something that could reconcile Tim and Ian might be to just consider "installation" as "an association of a selection of privileges to a webapp". > One privilege among others could be "to be locally stored". Associating permissions with an origin is easy and already supported. The hard part is making it usable in a way that does not endanger users. So far, no one has come even close to cracking that nut using that approach. -- Robin Berjon - http://berjon.com/ - @robinberjon
Received on Wednesday, 8 February 2012 21:56:11 UTC