RE: publication of FPWD of Runtime and Security Model for Web Applications from John Lyle on 2013-03-19 (public-sysapps@w3.org from March 2013)

From: John Lyle <john.lyle@cs.ox.ac.uk>
Date: Tue, 19 Mar 2013 22:57:18 +0000
To: Suresh Chitturi <schitturi@blackberry.com>, Dave Raggett <dsr@w3.org>, Mounir Lamouri <mounir@lamouri.fr>, Ming Jin <ming.jin.web@gmail.com>
CC: "public-sysapps@w3.org" <public-sysapps@w3.org>
Message-ID: <D423F69CB98AB54A89E86CD9F05CAB57312BA7@MBX04.ad.oak.ox.ac.uk>

> -----Original Message-----
> From: Suresh Chitturi [mailto:schitturi@blackberry.com]
> Sent: 19 March 2013 19:52
> 
> >-----Original Message-----
> >From: Dave Raggett [mailto:dsr@w3.org]
> >Sent: Tuesday, March 19, 2013 6:05 AM
> >
> >I've been asked if it is possible to add some more information to the
> >state of this document section on expected evolution of the document,
> >e.g. major open issues, stability of current proposal.
> >
> >Any suggestions?
> 
> Glad you brought this up Dave!
> My quick review of the draft [1] gave me an impression that there are many
> areas that are needs significant work and probably this needs to be
> highlighted.
> Also it would be helpful to note the group's thinking on the relationship
> between Application Manifest format and the Web Apps Widgets Packaging
> and XML Configuration [2], besides the difference in format i.e. JSON vs. XML.
> 
> 
> [1] http://www.w3.org/2012/sysapps/drafts/runtime/
> [2] http://www.w3.org/TR/widgets/
> 

Hi Dave, Suresh,

There have been quite a few discussions on this mailing list about several aspects of this document.  Purely in terms of formatting and minor edits there are several open issues on Github [3].  

Trawling through the various email threads, here are some of the issues that have been discussed (apologies if I missed any).  Some are resolved but I think many will at least need clarifications in the document:

 * The vocabulary ("system apps", "installable web apps", "packaged apps" etc.)
 * The choice of manifest format - the decision was to define the Open Web App Manifest from Mozilla in this document and optionally to extract it at a later date.
 * The number of 'privilege' levels for web applications, and the need for rules around this.
 * Clarifying the role and relationship with app stores, and the expectations of review and user oversight.
 * The URI for packaged apps.  See Marcos' proposal for more details.
 * Whether both packaged and hosted apps need to be specified in this document.
 * The use of version strings.
 * The lack of details available around signatures for application content and manifests.
 * The need for additional details about the purpose of the two different app manifests.
 * The requirement/lack of a requirement for secure communication (HTTPS)
 * CSP : how the package-defined CSP and any directives returned in HTTP headers should be processed
 * Overlap with the widgets requirements document and the potential to re-use some of the widget specifications
 * Relationship between app packages, instances and windows - whether an app can have multiple windows open, or whether multiple instances of one app are allowed.
 * The internationalization model.

Best wishes,

John

[3]  https://github.com/sysapps/runtime/issues

Received on Tuesday, 19 March 2013 22:57:43 UTC