Re: Conclusions from the constraints spec review

On 2/8/2014 3:20 PM, Eric Rescorla wrote:
> On Sat, Feb 8, 2014 at 8:56 AM, Jan-Ivar Bruaroey <jib@mozilla.com 
> <mailto:jib@mozilla.com>> wrote:
>
>     On 2/8/2014 11:00 AM, Eric Rescorla wrote:
>>     On Fri, Feb 7, 2014 at 11:14 PM, Jan-Ivar Bruaroey
>>     <jib@mozilla.com <mailto:jib@mozilla.com>> wrote:
>>
>>         Constrainable was designed around gUM, and it has not been
>>         proven to have general application. Quite the contrary, we
>>         keep finding evidence it is specific to gUM.
>>
>>         Evidence:
>>         - Mandatory constraints don't make sense when there's no
>>         permission prompt.
>>         - applyConstraints() pattern is only necessary when sharing
>>         resources.
>>         - No other applications.
>>
>>         To repeat: Constrainable is only warranted when you're
>>         sharing resources behind a permission prompt. Sound general?
>>
>>
>>     For the record, I don't believe agree with these statements.
>>
>>     There are plenty of reasons why one would wish to have mandatory API
>>     points, not just for things behind a permissions promot.
>
>     Avoiding the permission prompt is what necessitates building the
>     intent missile. Without that problem, it is much simpler and
>     natural to ask, look at what you get and reject it, like roc says.
>     Mandatory constraints, with their WebIDL headaches and confusing
>     semantics favoring a non-webby fail-first approach [0], would not
>     have survived discussion without the permission prompt problem.
>
>
> Yes, I realize this is your opinion. I don't expect to convince you 
> nor do I expect you
> to convince me. That's why I will simply note for the record (and to 
> the extent the
> chairs are gauging consensus) that I disagree with this position.

I'll be sad if you give up on convincing me. I would love to hear the 
other reasons why one would wish to have mandatory, if there are any.

Hopefully we can arrive at some conclusions here that don't boil down to 
opinion. Such as:

- Collectively we were unable to agree on a better solution than 
mandatory for the gUM permission prompt.
- Take away the permission prompt problem, and other alternative 
solutions become obvious, like ask-check-reject from roc.
- It seems fair to compare mandatory and ask-check-reject on complexity, 
applicability, since constrainable is being proposed as a general pattern.
- General programming principles favor the simplest pattern that's 
necessary (sorry I don't have links)

.: Jan-Ivar :.

Received on Sunday, 9 February 2014 14:06:52 UTC