W3C home > Mailing lists > Public > www-tag@w3.org > March 2010

Re: ACTION-401Ask WebApps to Review Taxonomy

From: Marcos Caceres <marcosc@opera.com>
Date: Wed, 17 Mar 2010 20:07:15 +0100
Message-ID: <b21a10671003171207j40cc0944s5b536256d6a30673@mail.gmail.com>
To: ashok.malhotra@oracle.com
Cc: public-webapps@w3.org, "www-tag@w3.org" <www-tag@w3.org>
(The following is my personal opinion about widgets)

On Thu, Mar 11, 2010 at 10:58 PM, ashok malhotra
<ashok.malhotra@oracle.com> wrote:
> John Kemp has kindly created A Taxonomy of Web Applications for the TAG.
> See
> http://www.w3.org/2001/tag/2010/03/web-apps-taxonomy/web-apps-taxonomy.html
> It would be good if some of the WebApps folks could review and comment.
> Also, I suspect that behind the many documents that the Web Apps WG is
> producing lies
> an architectural vision.  If someone could spend a few minutes articulating
> this vision, I think it
> would be very helpful.

I had a quick look, and just wanted to raise two points...

# Trust often established between widget and widget platform (by means
of crypto signatures)

This is not quite right: The Dig Sig spec says "Widget authors and
distributors can digitally sign widgets as a mechanism to ensure
continuity of authorship and distributorship. Prior to instantiation,
a user agent can use the digital signature to verify the integrity of
the widget package and to confirm the signing key(s)." However, this
should not be confused with "trust" in any way (e.g., an author I
trust could turn evil, or the widget could be hijacked).

# Trust often proxied by use of an "app-store" model

Again, I kinda get what you mean here, but this is not the sole
intention - and an appstore cannot really guarantee trust (as above).
There are lots of trust models that will hopefully emerge around
widgets (such as community mediated trust - where a community needs to
approve something as safe before it can be used on devices). Depending
on single points of trust is a bad thing, IMO. The central idea is
that anyone can be an app store and that (hopefully) widgets engines
will be able to get widgets from anywhere on the Web (i.e., totally
decentralized distribution model).

Marcos Caceres
Received on Wednesday, 17 March 2010 19:08:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:56:33 UTC