Jim, Marcos,
On Feb 1, 2007, at 8:52 AM, ext Jim Ley wrote:
A couple of notes - I think you brush rather lightly over requirements
related to security APIs e.g. R19 and R11 are only SHOULD and MAY, I'd
like to see widgets fully address this issue of how a widget can
negotiate with a user (through preferences or whatever) access to
different API's. So I'd like to see a MUST here (of course this is a
very difficult requirement, but ...)
Regarding R11, as currently written I think this requirement is
confusing. The intent seems to be something like:
[[
An instance of the packaging format must contain a Manifest Resource
[insert link to section 3.2]". The requirements of that resource are
defined in section 3.2.
]]
Thus I would re-word R11 to something like the above and delete the
list since most if not all of them have their own requirement in
section 3.2.
Regarding R19, Jim - would you please expand on what you mean by "how
a widget can negotiate with a user"?
I certainly agree Access-Control and Security are important issues.
However, as you imply the details here are likely non-trivial.
Regards,
Art
---
