Re: [push-api] Clarify subscription relationships, lifecycle, and uniqueness. (#112) from Michael van Ouwerkerk on 2015-02-04 (public-webapps-github@w3.org from February 2015)

From: Michael van Ouwerkerk <notifications@github.com>
Date: Wed, 04 Feb 2015 06:48:10 -0800
To: w3c/push-api <push-api@noreply.github.com>
Message-ID: <w3c/push-api/pull/112/r24087480@github.com>

> @@ -257,12 +276,21 @@
>          <a title="user agent">User agents</a> MUST NOT provide Push API access to <a title=
>          "webapp">webapps</a> without the <a>express permission</a> of the user. <a title=
>          "user agent">User agents</a> MUST acquire consent for permission through a user interface
> -        for each call to the <code>subscribe()</code> method, unless a prearranged trust
> -        relationship applies.
> +        for each call to the <code>subscribe()</code> method, unless a previous permission grant
> +        has been persisted, or a prearranged trust relationship applies. Permissions that are

A prearranged trust relationship can also be part of an EULA or something like that. The use of persisted permission grants is by far the most common thing for web APIs, so it makes sense to call it out, for clarity. Finally, whether a persisted grant is "prearranged" seems open to interpretation. The new phrasing seems clearer to me.

---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/push-api/pull/112/files#r24087480

Received on Wednesday, 4 February 2015 14:48:41 UTC