On Nov 28, 2007 7:52 PM, Kevin Marks (Google) <[EMAIL PROTECTED]> wrote: > > > User Navigation and Privacy
Add to that container authentication via JavaScript API. Apps will invariably use container-supplied user ID to identify and authenticate users. A malicious container can be created with the sole purpose of hijacking the user's identity in that application. I found no mechanism for the application to establish trust with container it is running in. Did I miss it? > Open Source > > The initial server languages under discussion are Java and > PHP, with others being considered by other containers. > Shindig proposal: > http://markmail.org/message/yzkaf33e4v3ajfwx +1 on Java, though I'm sure PHP folks probably need the help more. :) > > Application directory and installation spread > > Another area of active discussion is how to share Application > Directories between containers, and how Applications can gather users. > To some extent the policy for Application installation is dependent on > each container's policy, but standard RequestApplicationInstall() API > methods could be provided, and the container could decide how it > prompts the user. +googol on all these points. For me it is important that RequestApplicationInstall() be able to refer to an arbitrary app, rather than just the one making the call. Shouldn't be a problem with a universal/shared directory service, though parameter can also just be a gadget manifest URL. It would then be up to container policy to dictate proper course of action, probably driven by white/blacklisting status and outcome of a user conversation. -Daniel --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Implementing OpenSocial Containers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-container?hl=en -~----------~----~----~----~------~----~------~--~---
