Re: Privileged and certified-level app, was Re: Clarity over direction of work on runtime and security model?

On Sep 25, 2013, at 1:48 PM, Marcos Caceres <w3c@marcosc.com> wrote:

[...]

> This means that, from the get-go, certified and privileged packaged apps cannot be shared across runtimes in an interoperable manner (without replacing the signature, which kinda defeats the purpose).
> 
> Question for the SysApps WG is: do we want to attempt to standardise a digital signature scheme for packaged apps?


A follow up question to the group, assuming digsig is scoped out:

What is the problem the group would like to solve by standardizing "unsigned" packaged apps that is not solved by "hosted apps" (for the sake of a better word) and ServiceWorkers (that will hopefully address the offline problem)?

It seems the runtime-related bits on which to reach consensus on are:

* App Manifest
* App Lifecycle and Events
* ServiceWorkers

Thanks,

-Anssi

Received on Wednesday, 2 October 2013 12:45:26 UTC