Re: [w3ctag/design-reviews] TAG review for web app `scope_extensions` (Issue #875) from Diego Gonzalez on 2024-06-11 (public-webapps-github@w3.org from June 2024)

From: Diego Gonzalez <notifications@github.com>
Date: Tue, 11 Jun 2024 06:02:34 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/875/2160710976@github.com>

Hola TAG, 

We've [updated the explainer](https://github.com/WICG/manifest-incubations/blob/gh-pages/scope_extensions-explainer.md) to provide a better sense of the feature we are developing:
* added images that show the security UX that `scope_extensions` addresses
*  added wording that explicitly states there are NO changes to permissions on extended scopes (every origin is in control of their own permissions) 
* included an example of how an installed web app can always show the user the current scope where content is being served from (for security) 
* changed the way a developer can specify these extended scopes by re-using an existing concept (that of `registerable domain`s) taking into consideration the feedback we got in our breakout review.

We hope this addresses the concerns from the previous review and thank you for all the help getting to this current revision. 

cc @dmurph @LuHuangMSFT 

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/875#issuecomment-2160710976
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/875/2160710976@github.com>

Received on Tuesday, 11 June 2024 13:02:38 UTC