W3C | TAG | TAG Work Plan

Product: Web Application Storage

This proposed product page has not yet been reviewed by the TAG

Goals

The goal of this work is to document requirements for client-side local storage and derive architectural principles to guide products and facilities in this space. An additional goal is to document good practices relating to the use of client-side local storage by Web Applications.

Success criteria

• The TAG comes to consensus on requirements for local, client-side storage mechanisms and the architectural principles that derive from them. The analysis should include, but not necessarily be limited to consideration of:
  • What are the requirements for client-side storage. For a start:
    • The ability to run an application seamlessly in connected or disconnected state.
    • The ability to store and manage personal information such as medical records or travel preferences on local storage for use by Web Applications.
    • To meet the above requirements without tie-in to a specific browser.
  • How well do existing client-side storage facilities (AppCache, Web Storage, Indexed DB) meet these requirements: for example, how seamless can we make the transition between Web connected and offline applications? Which facilities best match which requirements?
  • Should URIs be used for identifying locally stored data, and what should be the relationship (if any) to URIs used for the same or similar data elsewhere? (For example: if a Web-based email reader provides a local database to support offline operations, is it desirable for the same URI to be used to identify the email in the local store as when accessed via HTTP? How does this work if the local store is modeled as, e.g., relational?)
  • How does client-side storage relate to a browser's HTTP cache? Does it require different space management algorithms and facilities?
  • Privacy issues: e.g. control of access to information by other Web or non-Web applications. Granularity of access control.
  • Security: protection of data in the local store. Note that "local" storage may, in fact, be stored on a Cloud, enabling additional security threats.
• The TAG publishes either full W3C Recommendation(s) or TAG finding(s) that effectively communicates the issues and good practices to the Web technical community. The current thinking is that we will likely first focus on documenting issues, and perhaps later produce additional work on requirements and best practices.

Key deliverables with dates:

• TAG Note: Issues relating to Local Storage of Data by Web Applications Due date: 1 July 2012
• The above will be the initial work in this space...others TBD. For now, we have some hope of one or more best practices finding(s) by Dec. 2012

Schedules:

• First draft for discussion: 20 March, 2012 (timed for discussion at April, 2012 F2F)

TAG Members assigned:

Ashok Malhotra, Robin Berjon, Larry Masinter, Peter Linss (maybe)

Working documents:

• Client-Side Storage (slides prepared by Ashok Malhotra for the 6-8 June 2011 TAG F2F)

TAG Issues, Actions and Tracker Product Page

• ACTION-632: on - Ashok Malhotra - Frame issues around client-side storage work - Due: 2012-02-07 - OPEN
• ACTION-647: on - Ashok Malhotra - Draft product page on client-side storage focusing on specific goals and success criteria Due: 2012-01-17 - Due: 2012-02-07 - OPEN
• ACTION-475: on - Ashok Malhotra - Write finding on client-side storage, DanA to review - Due: 2011-08-24 - CLOSED
• ACTION-523: on - Ashok Malhotra - (with help from Noah) build good product page for client storage finding, identifying top questions to be answered on client side storage - Due: 2012-01-17 - CLOSED
• ACTION-354: on - Ashok Malhotra - Review client side storage apis (web simple storage etc.), looking for architectural issues or other critical problems... or interesting design features the TAG should know about - Due: 2010-03-08 - CLOSED
• ACTION-392: on - NON-CURRENT-MEMBER - Look into using new client side storage APIs as an RDFa or tabulator data store - Due: 2010-03-17 - CLOSED
• ACTION-435: on - Jonathan Rees - Consult Tyler Close regarding UMP-informed web storage vulnerability analysis - Due: 2010-06-22 - CLOSED
• ACTION-438: on - Ashok Malhotra - Comment to web storage guys: basically all of this is origin-based, but section 6.1 has a 'may' -- is this a door being held open for CORS? - Due: 2010-06-15 - CLOSED
• ACTION-572: on - Yves Lafon - Look at appcache in HTML5 - Due: 2011-11-29 - OPEN
• ACTION-586: on - Ashok Malhotra - Add text covering advice equivalent to "Use of AJAX implementation technology is not a sufficient excuse for failing to provide first class URI identification for documents on the Web" - Due: 2011-08-11 - CLOSED

Is there an associated issue for this work? Should there be?