W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: Permissions API vs local APIs

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 6 May 2015 11:39:55 -0700
Message-ID: <CABkgnnVkMGvm3Gpo0DD=33N9wf_kSi8YGswj6e4E1VdJdp0s0Q@mail.gmail.com>
To: Doug Turner <dougt@mozilla.com>
Cc: Jonas Sicking <jonas@sicking.cc>, Anne van Kesteren <annevk@annevk.nl>, Martin Thomson <mt@mozilla.com>, Miguel Garcia <miguelg@chromium.org>, Michael van Ouwerkerk <mvanouwerkerk@google.com>, Mike West <mkwst@google.com>, WebApps WG <public-webapps@w3.org>, WebAppSec WG <public-webappsec@w3.org>, Marcos Caceres <marcos@marcosc.com>, Mounir Lamouri <mounir@lamouri.fr>
On 6 May 2015 at 11:07, Doug Turner <dougt@mozilla.com> wrote:
> On May 6, 2015, at 11:00 AM, Jonas Sicking <jonas@sicking.cc> wrote:
>
> FWIW, the permission API as it currently stands is pretty trivial to
> implement. So I don't see a reason to delay until 2017 or even Q3
> 2015.
>
>
> If the spec is ready to go (what’s anne’s worry), then lets implement it and
> remove the stuff from PushAPI.
>
> Marcos|Mounir, do you two have any thoughts on this?

Just to present an alternative...

A decentralized permissions status API would be consistent with what
we have today.

That would recognize that individual APIs already own their individual
permissions stories. Embrace that rather than fighting it.  The
permissions API could be changed to define an interface and model that
each API could apply
Received on Wednesday, 6 May 2015 18:40:22 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC