On 17/03/12 21:13 PM, Panos Astithas wrote:
We don't currently prompt for permission to access geolocation information
when a website changes its code, right? The trust in the web model is
implicitly placed on the author (site), not the app (code). I would think
that this better matches how the user thinks about the process.
Right. The user trusts that which is presented in summary, and couldn't
care two hoots for your "model". She simplifies what she sees into one
thing typically called brand. Which is a highly conceptual thing,
capable of encompassing and expressing "site" and "author" as well as
other things like "beta" and "always works" and "fun" and "work-like"
and and and.
In this sense, the code is irrelevant. The essence of this concept
might be reflected in google's old moto - do no evil. Whatever you
think of google's use of it (a distraction :) ) the user expects that of
her brands.
You can change the code as much as you like, but stick to your brand -
your principles, your statement, your ethos! However it is expressed.
Else I'll desert you, she says. And does!
So the *technical* or implementation task is how to extend the very
vague and conceptual thing called brand across to a particular running
instance of code that benefits the user.
One way to do this is code-signing. Another way is to have a single
site that the user knows and downloads from, or uses. A third way would
be TTPs. Obviously these all have pluses & minuses ... but I keep
coming back to Ben's requirements 1,2:
> 1) There shouldn't just be just one
> web app store run by one corporation,
> anyone should be able to run their
> own web app store and users should be
> able to install apps from stores they
> trust, without the intervention of
> Mozilla or anyone else.
> 2) Web app developers should be able
> to list their web apps in multiple app
> stores and even host their own apps on
> their own web server and have a direct
> relationship of trust with the user.
Somehow, the author and/or app has to migrate seamlessly from one store
to another... Or all the stores have to do their reviews?
You want millions of apps, thousands of developers, and hundreds and
dozens of stores. More! 100's of millions of users, too.
iang
PS: TTP == trusted third parties, like BBB in USA or S&P in finance or
Red Cross in war.
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security