RE: ISSUE-126: Should DAP review and take advantage of SysApps security models

DAP and SysApps APIs are likely to take different approaches to similar needs, but we should promote synergy where possible. For example in the object model for data related to APIs, where possible (e.g. a contact object), we should work toward common interface definitions. The way in which the APIs are invoked, and the related security/privacy approaches may end up being very different, but at least the actual data definition itself should be reusable?

I agree that it will take some time for the SysApps security model to take shape, for potential use in DAP's browser-focused APIs to be considered. I note however that this is not an intractable problem... IMO we (in OMTP) had actually demonstrated a feasible design for this back in 2009 with BONDI, in which our APIs were exposed securely to browser-based Webapps through association with pre-arranged domain-based trust (as provided for, if informatively, in DAP specs).

Thanks,
Bryan Sullivan 

> -----Original Message-----
> From: Arthur Barstow [mailto:art.barstow@nokia.com]
> Sent: Friday, November 30, 2012 6:51 AM
> To: Device APIs Working Group
> Subject: Re: ISSUE-126: Should DAP review and take advantage of SysApps
> security models
> 
> On 11/1/12 4:26 AM, ext Device APIs Working Group Issue Tracker wrote:
> > ISSUE-126: Should DAP review and take advantage of SysApps security
> models
> 
> Has SysApps done enough security related work such that DAP actually has
> something to review now or is SysApps' security work still too early?
> 
> Regardless, what do folks consider the potential relationships? F.ex.,
> which DAP spec(s) could potentially have a dependency on SysApps.
> 
> -Thanks, AB
> 
> 
> > http://www.w3.org/2009/dap/track/issues/126
> >
> > Raised by:
> > On product:
> >
> >
> 

Received on Friday, 30 November 2012 16:56:37 UTC