- From: Anne van Kesteren <annevk@opera.com>
- Date: Fri, 12 Feb 2010 14:24:02 +0100
- To: "Frederick Hirsch" <Frederick.Hirsch@nokia.com>
- Cc: "ext Robin Berjon" <robin@robineko.com>, "public-device-apis@w3.org" <public-device-apis@w3.org>
On Fri, 12 Feb 2010 14:14:26 +0100, Frederick Hirsch <Frederick.Hirsch@nokia.com> wrote: > So if the photos (or contacts) are on the device, then access policy > should be handled by the device, which results in needing the policy on > the device, for the device APIs. > > So to repeat what I think you are saying > > 1. allow uniform REST access to API, thus making it transparent whether > it is local or remote (apart from URL being clear) > > 2. if the data is on the device itself, then policy and access control > and privacy concerns must be met by the device, (and this WG was > chartered to provide a standard for that I believe). If on a web server > the device need not care, since authentication and authorization are the > responsibility of the service on the site. > > Am I understanding this correctly so far? Right, though I'm not sure exactly what you think needs to be standardized. The service on the device would need to do exactly the same as the service on the server. Either that or the user agent would need to implement a mapping between the device service API and the REST service against the "new URL". > I believe there is remains a usability argument re Javascript APIs vs > calling REST, however your point that the paradigm is a bigger issue > probably holds. JavaScript libraries will provide convenience I think and are much more likely to come up with something good than us. -- Anne van Kesteren http://annevankesteren.nl/
Received on Friday, 12 February 2010 13:24:38 UTC