W3C home > Mailing lists > Public > www-tag@w3.org > March 2010

Re: ACTION-401Ask WebApps to Review Taxonomy

From: ashok malhotra <ashok.malhotra@oracle.com>
Date: Wed, 17 Mar 2010 16:16:12 -0700
Message-ID: <4BA162BC.4030409@oracle.com>
To: marcosc@opera.com
CC: public-webapps@w3.org, "www-tag@w3.org" <www-tag@w3.org>
Thanks, Marcos!  We will discuss this at the TAG mtg next week.
All the best, Ashok

Marcos Caceres wrote:
> (The following is my personal opinion about widgets)
> On Thu, Mar 11, 2010 at 10:58 PM, ashok malhotra
> <ashok.malhotra@oracle.com> wrote:
>> John Kemp has kindly created A Taxonomy of Web Applications for the TAG.
>> See
>> http://www.w3.org/2001/tag/2010/03/web-apps-taxonomy/web-apps-taxonomy.html
>> It would be good if some of the WebApps folks could review and comment.
>> Also, I suspect that behind the many documents that the Web Apps WG is
>> producing lies
>> an architectural vision.  If someone could spend a few minutes articulating
>> this vision, I think it
>> would be very helpful.
> I had a quick look, and just wanted to raise two points...
> # Trust often established between widget and widget platform (by means
> of crypto signatures)
> This is not quite right: The Dig Sig spec says "Widget authors and
> distributors can digitally sign widgets as a mechanism to ensure
> continuity of authorship and distributorship. Prior to instantiation,
> a user agent can use the digital signature to verify the integrity of
> the widget package and to confirm the signing key(s)." However, this
> should not be confused with "trust" in any way (e.g., an author I
> trust could turn evil, or the widget could be hijacked).
> # Trust often proxied by use of an "app-store" model
> Again, I kinda get what you mean here, but this is not the sole
> intention - and an appstore cannot really guarantee trust (as above).
> There are lots of trust models that will hopefully emerge around
> widgets (such as community mediated trust - where a community needs to
> approve something as safe before it can be used on devices). Depending
> on single points of trust is a bad thing, IMO. The central idea is
> that anyone can be an app store and that (hopefully) widgets engines
> will be able to get widgets from anywhere on the Web (i.e., totally
> decentralized distribution model).
Received on Wednesday, 17 March 2010 23:17:28 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:33:05 UTC