- From: Robin Berjon <robin@berjon.com>
- Date: Tue, 6 Sep 2011 12:51:29 +0200
- To: Rich Tibbett <richt@opera.com>
- Cc: public-device-apis@w3.org
On Sep 5, 2011, at 16:48 , Rich Tibbett wrote: > Jonas's follow-up blog post can be found here: > > http://hacks.mozilla.org/2011/08/more-details-about-the-webapi-effort/ > > "The approach we’re planning on taking is to do both high-level and low-level APIs, as well as give people the proper incentives to use the one that is best for the user. But a very important point is to provide low-level APIs early to ensure that Mozilla isn’t on the critical path for innovation. Over time, we can add high-level APIs where that makes sense." That's certainly a very sensible comment. What I feel is lacking from that picture is how providing low-level APIs and security may at times clash (intuitively, I would think that higher-level functionality is more easily protected — but I could be wrong). Not that this is criticism of Jonas's post — it's an unsolved question. > I think that ties in to the discussion Frederick started recently on our W3C Device APIs list: > > "[Architecture] Device APIs: Javascript vs HTTP/REST client API interfaces - comment/feedback?" > > http://lists.w3.org/Archives/Public/public-device-apis/2011Sep/0014.html Interesting idea. How do you see it tying in? Are you seeing the HTTP level interfaces as a low-level way of accessing multiple different APIs? Again, the unsolved question in such services is how to tie them in with security properly. There are proposals, we need to figure one out. -- Robin Berjon - http://berjon.com/ - @robinberjon
Received on Tuesday, 6 September 2011 10:51:58 UTC