- From: SULLIVAN, BRYAN L (ATTCINW) <BS3131@att.com>
- Date: Wed, 24 Feb 2010 08:31:36 -0800
- To: "Tyler Close" <tyler.close@gmail.com>, "W3C Device APIs and Policy WG" <public-device-apis@w3.org>
Here are the main points I raised in the call. This work seems more appropriately placed in the Web API group work in the Webapps group. There is nothing inherently "device" related in this proposal; the device is an abstracted resource provider with URL-based resources. Thus it fits more with the general work on Web API's. It certainly may be applicable for access to device resources, and the adaptation of it for DAP use could be considered once the proposal has demonstrated traction in the marketplace, e.g. published as a W3C specification and implemented for use in accessing generic web resources. But in the meantime, DAP should focus on the existing models for API definition based upon Javascript objects, which are well understood and widely used in the marketplace. For the user, "an understandable interaction based upon an adequate mental model" as mentioned on the call is a pretty high goal to capture in terms of concrete security requirements. This requires the user to be able to understand in any context, and this ability is affected by the limitations of the user interface (both output and input), and in a lot of cases upon the users themselves (e.g. maturity). Further, in the mobile context, placing the onus on the user to understand based upon the limited information that can be presented, and adequately/effectively interact with the UI based upon the limited input controls, both diminish the user's ability to depend upon intuitive UI designs which require less effort to assess and interact, thus provide more opportunity for a user's reasoning over security issue. Thus there is a need for applications to request and obtain session and blanket API access, either with user input or automatically (e.g. based upon a prior approval). Thanks, Bryan Sullivan | AT&T -----Original Message----- From: public-device-apis-request@w3.org [mailto:public-device-apis-request@w3.org] On Behalf Of Tyler Close Sent: Friday, February 19, 2010 10:49 AM To: W3C Device APIs and Policy WG Subject: [Powerbox] A RESTful proposal for Web enabling devices Mark Miller, Marc Seaborn and myself have created a draft proposal for a RESTful approach to addressing the design challenges this WG is working one. The Powerbox is a general purpose mechanism for introducing customer content to new and potentially private resources. New kinds of resources can be made accessible to Web content by using the Powerbox for discovery and introduction, existing user-agent APIs such as XMLHttpRequest for interaction, existing MIME media types for syntax, and HTTP methods for general semantics. The attached proposal provides exact details on how a Powerbox works, provides advice on how to use it and explains one example use-case, making a video camera accessible to Web content. I hope to expand the proposal with additional examples. Please suggest examples you'd find compelling. We hope this proposal can provide a basis for this WG's design work, so we're interested in feedback on the proposal and how it might better meet the needs of this WG. --Tyler
Received on Wednesday, 24 February 2010 16:32:14 UTC