Re: [sysapps/runtime] can user add another store apps?

On 27/03/13 15:28, John Lyle wrote:
> On 27/03/13 15:03, Fabrice Desre wrote:
>> You can check at
>> https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/PermissionsTable.jsm
>>
>> which api is available for each level of trustiness ("app" in this table
>> is what I called "web" here).
>>
>> We currently only recognize the mozilla store as a source of privileged
>> apps, but it's only a matter of installing the right certificates on the
>> device if we want to add more trusted stores.
> Hi Fabrice,
>
> Thanks very much for the pointer and explanation.  This makes more
> sense.  Out of curiosity, is this 'permissions table' intended to remain
> hard-coded in Firefox OS source code, or do you anticipate any
> customisation / adaptation by users or other stakeholders?
>
> To return to Norifumi's question, it sounds like 'apps' (which are
> roughly as privileged as websites) can be installed from anywhere, but
> 'privileged apps' (which are able to access cameras, contacts, etc) can
> only be installed from an app store that the user agent has a trusted
> certificate for, and the process for installing new privileged app
> stores is likely to remain outside of this specification.  Is that a
> fair assessment?

Does a trusted app need to be installed from an app store?  How about 
when an app is signed by the "app store", but is downloaded from another 
website?  I can envisage app stores as kind of specialized search sites
that link to apps that have been deemed to be trustworthy. That could 
come about in a number of ways, e.g. through crowd based reputation 
where many people have signalled their approval for the app through a 
mechanism managed by an app store, or perhaps the app has been subjected 
to automated security and privacy checks, or better, through detailed 
expert scrutiny by specialists trusted by the app store.

Apps could be registered with an app store, but another possibility is 
for the app store to find apps by trawling the web, and examining the 
app's manifest. Certificates attesting to the trustworthiness of the app 
could be held on the app store. If the app is downloaded by following a 
link in the search results from an app store, the store can track how 
many people downloaded the app.

We may want to think about what features the manifest needs to provide 
for use by app stores, and to allow for the app to be referenced by 
multiple stores whilst "installed" from its own website.

A further idea is the possibility of enabling the web run-time to adjust 
its notion of privileges according to the certificates provided by app 
stores. This would allow for finer grained models of privileges where an 
advanced user could express their preferences, and regular users could 
delegate the associated preference settings to a trusted third party 
(e.g. an app store). This is based upon the idea that trust is always in 
regards to a context of use.


-- 
Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett

Received on Wednesday, 27 March 2013 17:46:59 UTC
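
The idea raised in this message, that the privilege level can follow a trusted store's signature rather than the site the app was downloaded from, sketched as an added example that is not part of the original thread and is not Firefox OS code. The store ids, keys and manifest are constructed, and Ed25519 over the raw manifest bytes is an assumed signing scheme.

```javascript
// Added illustration: trust decision keyed on the signer, not the download origin.
const crypto = require('node:crypto');

// Constructed stand-ins for two app stores' signing keys.
const storeA = crypto.generateKeyPairSync('ed25519');
const storeB = crypto.generateKeyPairSync('ed25519');

// Runtime trust list: store id -> public key and the highest level it may vouch for.
// Only store A's key is "installed" on this hypothetical device.
const trustedStores = new Map([
  ['store-a.example', { publicKey: storeA.publicKey, maxLevel: 'privileged' }],
]);

// A store attests to the exact manifest bytes; the origin is not part of the statement,
// so the same attestation is valid wherever the app is hosted.
function attest(storeId, privateKey, manifestBytes) {
  return { storeId, signature: crypto.sign(null, manifestBytes, privateKey) };
}

// Returns the level the runtime grants. `origin` is accepted only to show that
// it plays no role: an unverified app gets the same level as any website.
function grantedLevel(manifestBytes, attestations, origin) {
  for (const a of attestations) {
    const store = trustedStores.get(a.storeId);
    if (!store) continue; // store not in the device's trust list
    if (crypto.verify(null, manifestBytes, store.publicKey, a.signature)) {
      return store.maxLevel;
    }
  }
  return 'web';
}

// Constructed manifest, "installed" from the developer's own site.
function demo() {
  const manifest = Buffer.from(JSON.stringify({ name: 'Camera', permissions: ['camera'] }));
  const tampered = Buffer.from(JSON.stringify({ name: 'Camera', permissions: ['camera', 'contacts'] }));
  const fromA = attest('store-a.example', storeA.privateKey, manifest);
  const fromB = attest('store-b.example', storeB.privateKey, manifest);
  const forged = attest('store-a.example', storeB.privateKey, manifest);
  return {
    signedByTrusted: grantedLevel(manifest, [fromA], 'https://dev.example'),
    modifiedAfterSigning: grantedLevel(tampered, [fromA], 'https://dev.example'),
    signedByUnknownStore: grantedLevel(manifest, [fromB], 'https://dev.example'),
    wrongKeyForClaimedStore: grantedLevel(manifest, [forged], 'https://dev.example'),
    multipleStores: grantedLevel(manifest, [fromB, fromA], 'https://dev.example'),
  };
}
```

Because the attestation covers the manifest bytes, a manifest changed after review (here, an extra permission) drops back to the unprivileged level even though the store's signature is still attached.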