Re: Use Cases and Requirements for Saving Files Securely

On Nov 10, 2009, at 11:45 PM, Charles McCathieNevile wrote:

> On Tue, 10 Nov 2009 01:21:06 +0100, Maciej Stachowiak  
> <mjs@apple.com> wrote:
>
>>
>> On Nov 9, 2009, at 12:08 PM, Ian Hickson wrote:
>>
>>> On Mon, 2 Nov 2009, Doug Schepers wrote:
>>>>
>>>> Please send in use cases, requirements, concerns, and concrete
>>>> suggestions about the general topic (regardless of your opinion  
>>>> about my
>>>> suggestion).
>>>
>>> Some use cases:
>>>
>>> * Ability to manage attachments in Web-based mail clients, both  
>>> receiving  and sending
>>> * Ability to write a Web-based mail client that uses mbox files or  
>>> the
>>> Maildir format locally
>>> * Ability to write a Web-based photo management application that  
>>> handles
>>> the user's photos on the user's computer
>>> * Ability to expose audio files to native media players
>>> * Ability to write a Web-based media player that indexes the  
>>> user's media
>>
>> These are good use cases.
>
> I would like to expand them a little, in each case making it  
> possible to use existing content, or expose content directly to the  
> user enabling them to change the software they use, or even use  
> multiple tools on the same content - a web app one day, a different  
> one next week, a piece of shrink-wrap software from time to time.

I'm having trouble following. Could you give more specific examples of  
what you have in mind? Does your expansion imply new requirements, on  
top of either Ian's list or my list?

> And add:
>
> * A document management system as hybrid web app, allowing file- 
> based access to the documents as well.

I don't exactly follow this either. By "hybrid web app", do you mean  
something running locally with some portion of native code doing part  
of the job? Assuming that is what you mean: I think hybrid Web apps  
are extremely interesting (and something Apple supports and encourages  
on Mac OS X and iPhone OS), but they should not be used the sole use  
case for any API that we wish to expose to public Web content. The  
reason is that on the one hand, hybrid Web apps are not constrained by  
the Web security model, and on the other hand, they are always free to  
break out of the sandbox with native code, or capabilities specific to  
a particular runtime. For functionality we expose to the Web, there  
should be at least some justifying use cases that are pure Web apps.

Regards,
Maciej

Received on Wednesday, 11 November 2009 08:52:39 UTC