W3C home > Mailing lists > Public > www-tag@w3.org > February 2012

Re: Installing web apps

From: Robin Berjon <robin@berjon.com>
Date: Thu, 9 Feb 2012 13:01:06 +0100
Cc: Tim Berners-Lee <timbl@w3.org>, Ian Hickson <ian@hixie.ch>, WebApps WG <public-webapps@w3.org>, Thomas Roessler <tlr@w3.org>, "Michael[tm] Smith" <mike@w3.org>, "www-tag@w3.org List" <www-tag@w3.org>
Message-Id: <570178B7-D1C3-4270-BF73-252E3D558A24@berjon.com>
To: Dimitri Glazkov <dglazkov@chromium.org>
Hi Dimitri,

On Feb 7, 2012, at 18:26 , Dimitri Glazkov wrote:
> Robin, this is a pretty interesting and thoughtful treatise and while
> I am still digesting parts of it, I can't help but think that the key
> in identifying precise boundaries and relative position of these two
> universes is defining one in terms of another. Namely, we may want to
> explore if Web App sandbox/container can be a System App (I also heard
> the term Platform App). And if it can be, it both definitively
> enumerates the set of limitations and APIs imposed by this container
> System App and dovetails nicely into that whole browser-in-a-browser
> discussion.

I'm still trying to wrap my head about what exactly your proposal would imply, sorry if what follows is fuzzier than a Little Pony on a bad hair day.

As written, your proposal makes a lot of a sense to me. We have an omnipotent system on one side, and on the other a less powerful one that can run in the former. So defining the subset in terms of the whole seems logical.

But as soon as I try to do anything practical with the idea I start hitting aporetic walls. It doesn't mean that it's a bad idea of course, just that I don't know what to do with it. I'm hoping you can help :)

We could apply it in a brute force manner by listing all the features that the omnipotent system supports and flagging those that are excluded in-browser. But I doubt that that would be very useful, we wouldn't learn anything knew from it. Note that the people who worked on policy-based security systems for Web technology (e.g. WAC, webinos) have often discussed the possibility of producing a policy that matches the default browser security model (I don't know if they eventually did); this would be the same.

If however I try to be subtler and more abstract about it, I circle right back to a dividing line of "more harmful than what is tolerable inside a sandbox" which I mentioned previously. Stuff that's in that group doesn't get to be in the browser context.

The good news is that I don't think we need a strong definition for the distinction that I'm suggesting. I think that we can get away with a rough idea of what goes where and how to build it (which I believe we more or less have, though it needs to be documented). And with experience, we can refine it.

Still, I'd like to address your idea more satisfactorily :)

Robin Berjon - http://berjon.com/ - @robinberjon
Received on Thursday, 9 February 2012 12:01:34 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:33:13 UTC