W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

Re: Rechartering: Permissions API

From: Mike West <mkwst@google.com>
Date: Thu, 13 Nov 2014 11:17:26 +0100
Message-ID: <CAKXHy=dGBNopp2PPg2Tm2LiSJDffCpGea6Kykmbcw8PsW95eug@mail.gmail.com>
To: Daniel Veditz <dveditz@mozilla.com>
Cc: Mounir Lamouri <mounir@lamouri.fr>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Brad Hill <hillbrad@gmail.com>, Marcos Caceres <w3c@marcosc.com>
This seems like a reasonable group to do the work in, potentially as a
joint deliverable with WebApps. My vague understanding from an earlier
conversation with Mounir is that WebApps told him to come here. :)

-mike

--
Mike West <mkwst@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91

Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

On Wed, Nov 12, 2014 at 8:45 PM, Daniel Veditz <dveditz@mozilla.com> wrote:

> On 11/12/2014 10:06 AM, Mounir Lamouri wrote:
> > I would like to suggest to add permissions handling as part of the
> > webappsec charter with one concrete deliverable being the  Permissions
> > API specification.
>
> Have you approached other working groups about this specification, and
> if so what was their response? This isn't really a security feature (the
> permissions themselves may be, but not just reading their state) so it
> seems better suited for some place like public-webapps.
>
> Is it necessary to distinguish between "denied" and "prompt"? If a
> permission isn't already granted I'm not sure it's any of the page's
> business whether I've denied them or not -- they should (try to) ask if
> they want to know.
>
> -Dan Veditz
>
>
Received on Thursday, 13 November 2014 10:18:15 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:08 UTC