Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework < General]

On 7.10.2009 17.30, "ext Brian LeRoux" <>
> Rather than runtime dialogues, which do create a *terrible* user
> experience, can we consider a one time startup dialogue (similar to
> what is seen in android applications) that warns the user about what
> apis the application wants access to.

>From a usability point of view, a one-time dialog would be quite good. It
just needs to be presented sensibly and nicely (which is not necessarily a
DAP concern). I think in Android this is based on entries in the manifest
file, so the information can be collected up front.

Of course, a secure solution that would completely sidestep any user
prompting would be even better, but I have none to present at this moment.
(And if I had, it wouldn't be certificate signing.)


Received on Wednesday, 7 October 2009 14:38:14 UTC