RE: Permissions for receiving messages from Niklas Widell on 2010-10-20 (public-device-apis@w3.org from October 2010)

From: Niklas Widell <niklas.widell@ericsson.com>
Date: Wed, 20 Oct 2010 17:38:25 +0200
To: "'public-device-apis@w3.org'" <public-device-apis@w3.org>
Message-ID: <6FFCEF6A0AE1D6468ADD42818409956204D387CF@ESESSCMS0352.eemea.ericsson.se>

Hi,
some clarifications as follow-up to todays call. First, the idea already assumes that there are different permissions per messaging types (e.g messaging.onSMS, messaging.onEmail etc). Sorry for not making this really clear. 

The intent would  be to have the permission not only to subscribe to messaging events, but also allow some granularity to specify which messages (of whatever flavor) the app would should see. For instance, 

UC1. A generic sms messaging app should like to be notified on the arrival on ANY new sms.
UC2. A simple app (say a pizza ordering app from Greasy Pizza Co) should only see messages from a single sender/small set of senders, ie permission includes white-list of senders.

Unless there is some additional granularity (assuming onSMS etc exists), there is a nasty message intercept possibility, where an app (given the permission assuming good intent, like Greasy Pizza Sms-ing me to indicate that my order is ready) would be informed of and could act on any message that arrives.

Looking at the Prague minutes I think the discussion in Prague which resulted in ACTION-132 had a subtle difference to the "proposal" here. ACTION-132 is about looking into assisting developers with event filtering, while the "proposal" here is to filter which messages the app is actually is allowed to see.

thanks, 
Niklas

________________________________________
From: public-device-apis-request@w3.org [public-device-apis-request@w3.org] On Behalf Of Niklas Widell [niklas.widell@ericsson.com]
Sent: Thursday, October 14, 2010 3:16 PM
To: 'public-device-apis@w3.org'
Subject: Permissions for receiving messages

Hi,
The Permissions spec [1] does not allow any parameterization of permissions, and this does not appear necessary for the permissions it currently defines. However, for Messaging, I think it would be useful for "onSMS/onMMS/onEmail" to be able to limit what messages the widget/web app actually sees (in a sense similar to how WARP [2] spec limits network access for widgets).

A widget can filter out what messages it want to show/act on, however, I'm not really comfortable in allowing any widget to intercept ANY message as long as the widget has requested the right permission , which would be the case otherwise.

The current Permissions spec does not easily extend to this include this functionality as far as I can tell, thus an additional mechanism would be needed, perhaps something like WARP.

BTW, Android doesn't (as far as I can tell) allow this granularity.

Thoughts?

Best regards,
Niklas

[1] http://www.w3.org/TR/2010/WD-api-perms-20101005/
[2] http://www.w3.org/TR/2010/CR-widgets-access-20100420/

Received on Wednesday, 20 October 2010 15:39:13 UTC