Le mardi 10 novembre 2009 à 17:47 -0800, Maciej Stachowiak a écrit :
> I would be concerned with leaving file writing to DAP, because a
> widely held view in DAP seems to be that security can be ignored while
> designing APIs and added back later with an external "policy file"
> mechanism.
F
2009/11/12 Dominique Hazael-Massieux :
> Le mardi 10 novembre 2009 à 17:47 -0800, Maciej Stachowiak a écrit :
>> I would be concerned with leaving file writing to DAP, because a
>> widely held view in DAP seems to be that security can be ignored while
>> designing APIs and added back later with an
Berjon; public-device-a...@w3.org; public-webapps WG
Subject: DAP and security (was: Rename “File API” to “FileReader API”?)
Le mardi 10 novembre 2009 à 17:47 -0800, Maciej Stachowiak a écrit :
> I would be concerned with leaving file writing to DAP, because a
> widely held view in DAP seems
achowiak
Cc: Robin Berjon; public-device-a...@w3.org; public-webapps WG
Subject: DAP and security (was: Rename “File API” to “FileReader
API”?)
Le mardi 10 novembre 2009 à 17:47 -0800, Maciej Stachowiak a écrit :
I would be concerned with leaving file writing to DAP, because a
widely held vie
requ...@w3.org
[mailto:public-device-apis-requ...@w3.org] On Behalf Of Maciej Stachowiak
Sent: 18 November 2009 12:35
To: Marcin Hanclik
Cc: Dominique Hazael-Massieux; Robin Berjon; public-device-a...@w3.org;
public-webapps WG
Subject: Re: DAP and security (was: Rename "File API" to "F
nal Message-
> From: public-device-apis-requ...@w3.org
> [mailto:public-device-apis-requ...@w3.org
> ] On Behalf Of Dominique Hazael-Massieux
> Sent: Thursday, November 12, 2009 10:30 AM
> To: Maciej Stachowiak
> Cc: Robin Berjon; public-device-a...@w3.org; public-webapps
3.org
[mailto:public-device-apis-requ...@w3.org] On Behalf Of Maciej Stachowiak
Sent: Wednesday, November 18, 2009 4:35 AM
To: Marcin Hanclik
Cc: Dominique Hazael-Massieux; Robin Berjon; public-device-a...@w3.org;
public-webapps WG
Subject: Re: DAP and security (was: Rename "File API" t
On Wed, Nov 18, 2009 at 5:27 AM, David Rogers wrote:
> Hi Maciej,
>
> >From my side I'd like to understand what your thoughts and proposals for
> >file writing security / policy would entail - would you defer the decision
> >responsibility to the user via a prompt?
>From my point of view the an
This is a good point, and an argument for "policy" rather than
implicit user consent, if I'm not mistaken. It highlights that
usability might also be an issue with the non-modal interaction
model, as well as not always be very meaningful (since I the user
might have no idea what most direc
On Nov 18, 2009, at 5:13 PM, Frederick Hirsch wrote:
This is a good point, and an argument for "policy" rather than
implicit user consent, if I'm not mistaken. It highlights that
usability might also be an issue with the non-modal interaction
model, as well as not always be very meaningfu
On Wed, Nov 18, 2009 at 6:16 AM, Marcin Hanclik
wrote:
> The first step is to have the security concerns.
> The widget environment, BONDI etc. then encode them somehow (e.g. as device
> capability, feature etc.) creating an abstraction.
> In case of the browser, those concerns seem to be simply c
-Original Message-
From: Jonas Sicking [mailto:jo...@sicking.cc]
Sent: Wednesday, November 18, 2009 9:15 PM
To: David Rogers
Cc: Maciej Stachowiak; Marcin Hanclik; Dominique Hazael-Massieux; Robin Berjon;
public-device-a...@w3.org; public-webapps WG
Subject: Re: DAP and security (was: Rename
...@apple.com]
Sent: Thursday, November 19, 2009 2:20 AM
To: Frederick Hirsch
Cc: ext Jonas Sicking; David Rogers; Marcin Hanclik; Dominique Hazael-Massieux;
Robin Berjon; public-device-a...@w3.org; public-webapps WG
Subject: Re: DAP and security (was: Rename "File API" to "FileReader
...@access-company.com
-Original Message-
From: Adam Barth [mailto:w...@adambarth.com]
Sent: Thursday, November 19, 2009 8:42 AM
To: Marcin Hanclik
Cc: Maciej Stachowiak; Dominique Hazael-Massieux; Robin Berjon;
public-device-a...@w3.org; public-webapps WG
Subject: Re: DAP and security (was
On Thu, Nov 19, 2009 at 10:08 PM, Marcin Hanclik <
marcin.hanc...@access-company.com> wrote:
> The default settings within a browser could e.g. disable directory walking
> and file writing. But if the user changes the settings (and is warned about
> the potential security risks when switching some
Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a écrit :
> The abstraction of the security concerns within a policy may
> allow delegation of the security to some third parties.
>
> There are usually no third parties to delegate to.
That’s true to a certain extent, but
On Thu, Nov 19, 2009 at 10:52 PM, Dominique Hazael-Massieux wrote:
> Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a écrit :
> > There are usually no third parties to delegate to.
>
> That’s true to a certain extent, but a reason for that might well be
> that the Web platform hasn’t l
On Thu, Nov 19, 2009 at 1:08 AM, Marcin Hanclik
wrote:
> Hi Jonas,
>
> I think that it all depends on the user or the abstraction that we seem to
> have about the user.
>
> We can take the analogy to the operating system.
> OS may e.g. not be writable for the user, may have pre-defined active
>
Stachowiak; Dominique Hazael-Massieux;
Robin Berjon; public-device-a...@w3.org; public-webapps WG
Subject: Re: DAP and security (was: Rename "File API" to "FileReader API"?)
On Thu, Nov 19, 2009 at 10:08 PM, Marcin Hanclik
mailto:marcin.hanc...@access-company.com>>
Message-
From: Jonas Sicking [mailto:jo...@sicking.cc]
Sent: Thursday, November 19, 2009 11:11 AM
To: Marcin Hanclik
Cc: David Rogers; Maciej Stachowiak; Dominique Hazael-Massieux; Robin Berjon;
public-device-a...@w3.org; public-webapps WG
Subject: Re: DAP and security (was: Rename "Fil
cking; David Rogers; Marcin Hanclik; Dominique
Hazael-Massieux; Robin Berjon; public-device-a...@w3.org; public-webapps
WG
Subject: Re: DAP and security (was: Rename "File API" to "FileReader
API"?)
On Nov 18, 2009, at 5:13 PM, Frederick Hirsch wrote:
> This is a good point,
: Rename "File API" to "FileReader
API"?)
On Wed, Nov 18, 2009 at 5:27 AM, David Rogers
wrote:
> Hi Maciej,
>
> >From my side I'd like to understand what your thoughts and proposals
for file writing security / policy would entail - would you defer the
decision re
-webapps WG
Subject: Re: DAP and security (was: Rename "File API" to "FileReader API"?)
On Wed, Nov 18, 2009 at 6:16 AM, Marcin Hanclik
wrote:
> The first step is to have the security concerns.
> The widget environment, BONDI etc. then encode them somehow (e.g. as device
security (was: Rename "File API" to "FileReader API"?)
Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a écrit :
> The abstraction of the security concerns within a policy may
> allow delegation of the security to some third parties.
ps WG
Subject: Re: DAP and security (was: Rename "File API" to "FileReader API"?)
On Thu, Nov 19, 2009 at 10:52 PM, Dominique Hazael-Massieux wrote:
Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a écrit :
> There are usually no third partie
On Thu, Nov 19, 2009 at 11:54 PM, David Rogers wrote:
> *From:* rocalla...@gmail.com [mailto:rocalla...@gmail.com] *On Behalf Of
> *Robert
> O'Callahan
>
>
>
> On Thu, Nov 19, 2009 at 10:52 PM, Dominique Hazael-Massieux
> wrote:
>
> Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a éc
: Rename "File API" to "FileReader
API"?)
On Thu, Nov 19, 2009 at 1:08 AM, Marcin Hanclik
wrote:
> Hi Jonas,
>
> I think that it all depends on the user or the abstraction that we
seem to have about the user.
>
> We can take the analogy to the operating system.
&g
: DAP and security (was: Rename "File API" to "FileReader API"?)
On Thu, Nov 19, 2009 at 11:54 PM, David Rogers wrote:
From: rocalla...@gmail.com [mailto:rocalla...@gmail.com] On Behalf Of
Robert O'Callahan
On Thu, Nov 19, 2009 at 10:52
ue Hazael-Massieux; Robin Berjon;
> public-device-a...@w3.org; public-webapps WG
> Subject: Re: DAP and security (was: Rename "File API" to "FileReader API"?)
>
> I'm skeptical that this approach will lead to a secure API for file
> access. Abstracting the
ieux; Robin
> Berjon; public-device-a...@w3.org; public-webapps WG
> Subject: Re: DAP and security (was: Rename "File API" to "FileReader
> API"?)
>
> Third, we'll have to spend efforts maintaining the code, even though
> it benefits only a small number of peo
30 matches
Mail list logo
