Re: [permissions] Analysis of permissions handling and TAG presentation

On Friday, January 10, 2014 at 11:07 AM, David Rogers wrote:

> Hi Dom,
> 
> Thanks for putting this together. Looking at a couple of the screenshots, it is worrying that we're still in a world where prompting is being used as the primary mechanism for consent. As was discussed in projects outside W3C (OMTP BONDI and others), there are many issues with prompting, not least user prompt fatigue and auto-behaviour which can lead to very undesirable security outcomes. This is not taking into account deliberate social engineering against the user. This was also discussed at length in DAP and I would hope that work is not lost - I know good people are looking at this issue, such as Adrienne Porter Felt[1] so I hope that some of that will ultimately end up in the W3C.
> 
> What I believe the W3C and members should do in this space is:
> 
> * don't limit yourself to considering the end point with the user as being 'the browser chrome' - 'installable' web apps can have permission mechanisms controlled by the OS, arbitrating the API access

I have a bug to document this as it relates to installed web apps: 
https://github.com/w3c-webmob/installable-webapps/issues/12
 
> * consider API design and whether the developer can get meaningful information as to why a permission was denied - even potentially 'negotiated'. This would give a much greater richness in applications and usage.


Do you have examples of APIs that do this - or (native or web) apps that do this? 
 
> You know I've discussed this before, but we don't seem to have moved forward as a community on this topic from four years ago. I don't advocate banning prompts entirely because that is not realistic, however we should be in no doubt that prompts are not the only way. Prompts are the easiest thing to implement and so is deferring responsibility/liability to the user - it's kind of "the cheat's way out". 
> 

Agree.

Received on Friday, 24 January 2014 20:13:12 UTC