W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

Request for Comments: FPWD of Widgets 1.0: Access Requests Policy spec

From: Arthur Barstow <art.barstow@nokia.com>
Date: Thu, 18 Jun 2009 10:24:05 -0400
Message-Id: <889BA425-E9ED-4389-AA6B-4D1B93EBD497@nokia.com>
To: public-webapps <public-webapps@w3.org>
To: public-webapps@w3.org
BCC: public-device-apis@w3.org
Reply-to: public-webapps@w3.org

On June 18, the Web Applications WG published a First Public Working  
Draft of the Widgets 1.0: Access Requests Policy (WARP) spec:



This specification defines the security model controlling network  
access from within a widget, as well as a method for widget authors  
to request that the user agent grant access to certain network  
resources (or sets thereof).


User agents running widgets are expected to provide access to  
potentially sensitive APIs (phone book, calendar, file system, etc.)  
that expose data which should not be leaked to arbitrary network  
locations without the user's consent.

The purpose of this specification is precisely to define the security  
model for network interactions from within a widget that has access  
to sensitive information, and to provide means for a widget to  
declare the need to access specific network resources so that a  
policy may control it.

If you have any comments, please send them to public-webapps@w3.org.

-Regards, Art Barstow

P.S. BCC was used for device-apis mail list to reduce cross-posting
Received on Thursday, 18 June 2009 14:24:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:12:54 UTC