Re: Summary of discussions so far

On Friday, 12 April 2013 at 7:50 PM, Wayne Carr wrote:

> Isn't what you are asking for what the System Applications WG [1] is doing?

Yes. Mostly.    
>  
> That's for standalone (not in a Web Browser) native like apps that use web technologies. They would have a different security model and access to additional APIs that are not available in Web Browsers.

Actually, that only applies to one class of application (what SysApps is calling "packaged apps" - which are bundled in a Zip file). Packaged apps can, indeed, under what SysApps is proposing, be deemed "trusted"… though it is currently unclear if a digital signature or some such will be standardised and used to denote this "trust". The working group is currently trying to work that out.  It is, nevertheless, true that most APIs defined by SysApps will only be exposed to trusted applications - though my feeling is that some of these may eventually leak onto the Web Platform.  

For other use cases, SysApps defines "hosted apps". These are "Web Apps" with the addition of a JSON manifest (how a manifest is associated with a Web App is still under discussion - currently, an API is used to say that manifest A is associated with Web App B).

For those interested, more info is available here:
http://runtime.sysapps.org/

The document is still very drafty, so feedback is welcomed (particularly with regards to use cases).  
  
--  
Marcos Caceres

Received on Sunday, 14 April 2013 21:43:29 UTC