Request for Comments: FPWD of Widgets 1.0: Access Requests Policy spec

To: public-webapps@w3.org
BCC: public-device-apis@w3.org
Reply-to: public-webapps@w3.org

On June 18, the Web Applications WG published a First Public Working  
Draft of the Widgets 1.0: Access Requests Policy (WARP) spec:

[[
<http://www.w3.org/TR/2009/WD-widgets-access-20090618/>

Abstract

This specification defines the security model controlling network  
access from within a widget, as well as a method for widget authors  
to request that the user agent grant access to certain network  
resources (or sets thereof).

Introduction

User agents running widgets are expected to provide access to  
potentially sensitive APIs (phone book, calendar, file system, etc.)  
that expose data which should not be leaked to arbitrary network  
locations without the user's consent.

The purpose of this specification is precisely to define the security  
model for network interactions from within a widget that has access  
to sensitive information, and to provide means for a widget to  
declare the need to access specific network resources so that a  
policy may control it.
]]

If you have any comments, please send them to public-webapps@w3.org.

-Regards, Art Barstow

P.S. BCC was used for device-apis mail list to reduce cross-posting

Received on Thursday, 18 June 2009 14:24:54 UTC