W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2016

Re: permissions.request() and publishing a new Permissions WD

From: Jan-Ivar Bruaroey <jib@mozilla.com>
Date: Mon, 29 Aug 2016 17:32:15 -0400
To: public-webappsec@w3.org
Message-ID: <0cfd6a8c-1a53-bcf3-17f2-6b3fd9845910@mozilla.com>
On 8/26/16 2:11 PM, Jeffrey Yasskin wrote:
> On Fri, Aug 26, 2016 at 12:00 AM, Marcos Caceres <marcos@marcosc.com 
> <mailto:marcos@marcosc.com>> wrote:
>
>     On August 26, 2016 at 4:54:13 PM, Anne van Kesteren
>     (annevk@annevk.nl <mailto:annevk@annevk.nl>) wrote:
>     > On Fri, Aug 26, 2016 at 1:04 AM, Jeffrey Yasskin wrote:
>     > > What do folks think?
>     >
>     > That furthering the idea that publication is somehow tied to
>     agreement
>     > is wrong. Just publish and don't use publication as
>     justification for
>     > implementation decisions.
>
>     I agree. Let's just mark things clearly where we are seeking feedback
>     or debating things. As long as things are clearly marked as
>     contentious/at-risk, it should not be a problem (it's less harmful
>     than having a rotting spec on TR).
>

I'd like to request that the following text be reinstated before 
publication [1]:

-    <p> The initial intent of this document was to allow web 
applications to
-    request and revoke permissions explicitly in addition to querying the
-    permission status. This is an aspect of the specification that was
-    controversial thus removed from the current document in a spirit of
-    incremental changes: settling on a small API that can be improved. </p>

...or in a form that recognizes revoke's and request's presence in the 
document is in spite of their controversy.

One browser already shipped revoke by accident, something this statement 
might have helped avoid.

[1] removed in https://github.com/w3c/permissions/pull/79/files

.: Jan-Ivar :.
Received on Monday, 29 August 2016 21:32:46 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:21 UTC