- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 09 Jan 2014 10:53:01 +0100
- To: public-web-mobile@w3.org
Hi, In our previous discussions, permission management was one of the the topics that were raised as potential blockers for the proper development of the Web as a platform on mobile device. During our Shenzhen F2F, I took an action item (ACTION-93) to re-raise this topic to the W3C Technical Architecture Group (TAG). I was kindly invited to their F2F meeting yesterday to discuss this topic; in the process, I updated the presentation I had prepared on the topic two years ago (and which presented in Shenzhen): http://www.w3.org/2014/Talks/dhm-tag-permissions/ The major new piece in the presentation is some research I quickly conducted in preparation for the meeting: I looked at all the features I knew of that require user consent and that I could run on my laptop, created example codes that triggered these user consent requests, ran them on Firefox and Chrome, captured screenshots of the resulting UI, and documented the various themes that emerged. The result of that work is visible in: https://github.com/dontcallmedom/web-permissions-req/ In particular: * I built a table that summarizes the various approaches taken across APIs/features: http://dontcallmedom.github.io/web-permissions-req/matrix.html * the screenshots are at https://github.com/dontcallmedom/web-permissions-req/screenshots/ * the code snippets are at: https://github.com/dontcallmedom/web-permissions-req/tests/ and can be run from http://dontcallmedom.github.io/dontcallmedom/web-permissions-req/tests/... A particular fun one is http://dontcallmedom.github.io/web-permissions-req/tests/all.html which run all the permission requests at once, with the following result in Chrome: http://dontcallmedom.github.io/web-permissions-req/screenshots/all-chromium.png I presented the result of that work to the TAG and they were quite receptive to the need of stronger coordination in this space. In particular, Alex Russell took an action item to see which best practices could be extracted from the various approaches, and to try and identify targets for more convergence across APIs: https://www.w3.org/2001/tag/group/track/users/43338 Dan Appelquist took an action item to ask WG Chairs about which of their APIs require user consent: https://www.w3.org/2001/tag/group/track/actions/850 I indicated that our group was willing to help in progressing this topic further. I already have some ideas as to what could be usefully done: * as highlighted in the repo https://github.com/dontcallmedom/web-permissions-req/#todo collecting more screenshots of more permissions from more browsers on more devices * start collecting relevant research papers on permission management; this was already started in http://www.w3.org/wiki/Mobile/articles#API_Permissions but I feel there must be a lot more available out there — if anyone has contacts in the HCI academic world, this would be a great thing to ask e.g. a student to build Dom
Received on Thursday, 9 January 2014 09:53:16 UTC