This seems like a reasonable group to do the work in, potentially as a joint deliverable with WebApps. My vague understanding from an earlier conversation with Mounir is that WebApps told him to come here. :) -mike -- Mike West <mkwst@google.com> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) On Wed, Nov 12, 2014 at 8:45 PM, Daniel Veditz <dveditz@mozilla.com> wrote: > On 11/12/2014 10:06 AM, Mounir Lamouri wrote: > > I would like to suggest to add permissions handling as part of the > > webappsec charter with one concrete deliverable being the Permissions > > API specification. > > Have you approached other working groups about this specification, and > if so what was their response? This isn't really a security feature (the > permissions themselves may be, but not just reading their state) so it > seems better suited for some place like public-webapps. > > Is it necessary to distinguish between "denied" and "prompt"? If a > permission isn't already granted I'm not sure it's any of the page's > business whether I've denied them or not -- they should (try to) ask if > they want to know. > > -Dan Veditz > >
Received on Thursday, 13 November 2014 10:18:15 UTC