[scripting] management interface

Following on from today’s scripting call, I thought it might be helpful to summarise my understanding.

There are use cases where you want to be able to manage the things on another device. One such use case is where you are using a web browser and want to install an app on your smart home hub. Another use case is where a device behind the home firewall wants to republish itself on a server on the Internet. A similar use case is where a device accessed using one communications technology wants to provide services to nearby devices that don’t have support for that technology. The solution is for the first device to republish itself as a thing on a gateway, e.g. a home hub.

This generates requirements for a remote management interface, in particular, to install, start, stop, upgrade and uninstall a thing. This further needs to cater for both publishing a new thing, and for publishing a thing as a proxy for another thing.

For the first use case, a web application from the Internet shouldn’t be able to access your smart home hub. Instead, the browser exposes an interface that allows the web application to provide a button or other affordance for the user to activate. The interface passes the URI for the WoT app to the browser, which in turn asks the user for confirmation and then uses the management interface to install the WoT app on the hub. This preserves the same origin security principle by delegating the installation process to the trusted browser and requiring explicit user confirmation.

The management interface would pass the URI for the thing to the hub, and leave it to the hub to download the thing’s implementation from the Internet. This might involve OAuth or a similar mechanism, to give the hub the right to do so on behalf of the user.

The management interface could be implemented on top of HTTPS, which raises the question of TLS certificates for the smart home hub.

Dave Raggett <dsr@w3.org> http://www.w3.org/People/Raggett
W3C lead for the Web of things