Hi All,

I updated the security model wiki page to reflect the things we talked about in the late-May thread. The changes were pretty minor since, as a few people pointed out, the underpinnings of the privacy updates were already considered in the model! Here's a diff:
https://wiki.mozilla.org/index.php?title=Apps/Security&diff=446856&oldid=441197

There are still a few open issues that I think we can easily iron out.

1. For untrusted apps, should we show data usage intentions (rationale) as permissions are requested? These strings are not reviewed by an app store, but as Adrienne pointed out, the value may outweigh the risk of deception.

2. Format of the field in the manifest. I propose the field name be "Intended Use", and the value be 128 characters (to keep it easy to read). Sound good?

3. How will users be able to access usage intentions for permissions that are implicit or for certified apps? Currently they can read the manifest, but will we build an easier way for them to find 'em at runtime?

4. In the developer documentation, should we provide a suggested formula for the usage intentions? (e.g., "We want {permission} to obtain {data type} which we will keep {how long and where kept}") or should we provide some pre-written examples for each permission? This may be too difficult to get right, but should we try?

Finally, there's one technical follow-up for the manifest. Does the below proposal sound like a reasonable approach? I like it.

5. How can these strings be localized into the app runtime's chosen locale? ianb suggested:

    {
      name: "Stachy (beta)",
      permissions: {
        "camera": {usage: "To spy on you while you are sleeping"}
      },
      locales: {
        "es": {
          permissions: {
            "camera": {usage: "Para espiar a usted mientras usted está durmiendo"}
          }
        }
      },
      default_locale: "en-US"
    }

Cheers,
Sid

_______________________________________________
dev-webapps mailing list
https://lists.mozilla.org/listinfo/dev-webapps
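
An added example, not part of the original message or of any Mozilla code: one way a runtime could resolve the usage string for the chosen locale from a manifest shaped like ianb's sketch, while enforcing the 128-character limit proposed in item 2. The function names, the fallback order (exact locale, then base language, then the top-level string) and the choice to reject rather than truncate over-long strings are assumptions.

```javascript
// Added example. Assumptions (not from the thread): lookup order is exact
// locale -> base language -> top-level default; over-long strings are
// rejected rather than truncated.
const MAX_USAGE_LENGTH = 128; // limit proposed in item 2 of the message

// Constructed sample manifest, following the shape of ianb's sketch.
const sampleManifest = {
  name: "Stachy (beta)",
  permissions: { camera: { usage: "To spy on you while you are sleeping" } },
  locales: {
    es: { permissions: { camera: { usage: "Para espiar a usted mientras usted está durmiendo" } } },
  },
  default_locale: "en-US",
};

// Return a vetted usage string from one manifest section, or null.
// The string is developer-supplied and unreviewed, so callers should
// render it as plain text only.
function usageFrom(section, permission) {
  const entry = section && section.permissions && section.permissions[permission];
  const text = entry && entry.usage;
  if (typeof text !== "string") return null;
  const trimmed = text.trim();
  // Count code points so non-ASCII translations are measured fairly.
  if (trimmed.length === 0 || [...trimmed].length > MAX_USAGE_LENGTH) return null;
  return trimmed;
}

// Pick the best usage string for `locale`, falling back to the default.
function resolveUsage(manifest, permission, locale) {
  const locales = manifest.locales || {};
  for (const tag of [locale, locale.split("-")[0]]) {
    if (Object.prototype.hasOwnProperty.call(locales, tag)) {
      const text = usageFrom(locales[tag], permission);
      if (text) return { locale: tag, text };
    }
  }
  const text = usageFrom(manifest, permission);
  return text ? { locale: manifest.default_locale, text } : null;
}
```
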
