RE: Draft Charter for a Device API and Security WG

Hi Dave,

Le mercredi 13 mai 2009 à 21:38 +0100, David Rogers a écrit :
> In general we are very pleased with the charter, so here are some
> small changes from us:
> 
> 1) Title: "Device APIs and Security Working Group Charter"

I'm not sure about adding "and Security" to the name of the group:
 * it makes the name quite long and mouthful
 * it reads awkwardly: it won't work on device security, nor on security
in general, but on the securing access to device APIs which that title
doesn't convey

I don't feel very strongly about it, so I can add it back if others do.

> 2) In 3.1 Recommendation-Track Deliverables:
> 
> System Information API -> Change to "System Information and Events"

Done.

> * Application Configuration API
>  - An API to manage application settings and user preferences

OK, added for now (but others should feel free to disagree)

> * User Interaction API
>  - A set of APIs that gives a widget or website far better control of how it manifests itself on different platforms. This would include minimise/maximise  functions, window size, alerting mechanisms etc.

Hmm... Is that really a "device service" API? It feels more like
something for the WebApps Working Group. Is it so strongly related to
the others APIs that it would need to be developed in this group?

> * Security Policy Framework:
>  - Definition of a policy description language for security policies
>  - Expression of security policies that govern access of Web Applications and Widgets to security-critical APIs

Added.

> 3) In 4.2 Liaisons:
> 
> Ubiquitous Web Applications Working Group http://www.w3.org/2007/uwa/ To help with work on device status, particularly the work on Delivery Context: Client Interfaces (DCCI) 1.0 http://www.w3.org/TR/DPF/.

Added.

> 4) In 4.3 External groups:
> 
> OMTP
> 
> OMTP's BONDI initiative aims to define key interfaces that enable the mobile web platform to access sensitive functions on the mobile, within a security framework that protects the user from malicious actions. OMTP can provide input to requirements and technologies for this Working Group, as well as review and endorse deliverables.

Added.

Dom

Received on Thursday, 14 May 2009 06:51:35 UTC