- From: Robin Berjon <robin@berjon.com>
- Date: Mon, 15 Jun 2009 10:34:26 +0100
- To: Thomas Roessler <tlr@w3.org>
- Cc: public-webapps WG <public-webapps@w3.org>
Hi Thomas,
On Jun 9, 2009, at 09:59 , Thomas Roessler wrote:
> 1. The definitions section seems to introduce "instantiated
> components" as a first class object that is granted access.
That is correct, I have changed it throughout the spec to talk only of
execution scopes.
> 2. It would be useful for the policy section to explicitly say that
> network access from the web execution scope is controlled by the
> HTML5 security policy, not by this specification's security policy.
I've changed it to punt to the used language's security policy.
> 4. The processing model is gratuitously detailed and complex, and
> pins down implementation detail. For example, the meaning of a
> sequence of access elements does not actually depend on the order in
> which these elements appear;
That was a bug. I've simplified the rest of the model so that it fills
about half the space it used to.
Thanks for your comments!
--
Robin Berjon - http://berjon.com/
Feel like hiring me? Go to http://robineko.com/
Received on Monday, 15 June 2009 09:35:00 UTC