On Mon, Apr 16, 2012 at 7:14 AM, Lucas Adamski <ladam...@mozilla.com> wrote:
> > == Regular web content (unauthenticated) == > > == Trusted (authenticated by publisher) == > > == Certified (vouched for by trusted 3rd party) == > I don't understand these categories, could you explain them a bit further? What is the difference between trusted and certified and what process and limitations do they require? Is there a difference in security model between regular web content and installed apps? If the app is installed directly from a web app's own server (not via a third party app store), can it never get access to this API, even with the user's explicit permission? Ben -- Ben Francis http://tola.me.uk _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
