W3C home > Mailing lists > Public > public-device-apis@w3.org > June 2013

Re: [Permissions] Notification on Device API Access

From: Robin Berjon <robin@w3.org>
Date: Mon, 03 Jun 2013 10:43:40 +0200
Message-ID: <51AC573C.5060900@w3.org>
To: Alexandre Morgaut <Alexandre.Morgaut@4d.com>
CC: Tobie Langel <tobie@fb.com>, "public-device-apis@w3.org" <public-device-apis@w3.org>
Hi Alexandre,

On 31/05/2013 17:41 , Alexandre Morgaut wrote:
> Still:
> - for features that are not mandatory in an implementation,
> - if an "Always Allow" option is proposed,
> I think vendors should be encouraged to propose:
> - an easy way to remove the permission
> - a notification option to be sure there is no abuse of the permission
> I agree imposing it may be a bit unrealistic
> Maybe APIs involving permissions could reference to a W3C Note suggesting it
> Opinions?

I agree that it's a reasonable thing to expect from an implementation. 
But the problem is that with such a document you enter UI 
specifications. And implementers tend to ignore those. There have been 
attempts to write such documents, notably for situations where it could 
really be important to have some user-visible interoperability (notably 
for security-related UI, such as telling the user that she is navigating 
an HTTPS site) but they have all failed.

So before jumping into writing anything, it's well worth making sure 
that the resulting document will actually be useful, read, applied, etc.

I guess the important question is: what do you hope to make happen with 
such a document that implementers wouldn't already do because they care 
about the experience that their users have?

Robin Berjon - http://berjon.com/ - @robinberjon
Received on Monday, 3 June 2013 08:43:57 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:32:55 UTC