On 05/05/2011, at 7:13 AM, Charles McCathieNevile wrote: > On Thu, 05 May 2011 00:12:06 +0200, Bjartur Thorlacius <svartma...@gmail.com> > wrote: > >> On 5/3/11, Cameron Heavon-Jones <cmhjo...@gmail.com> wrote: > >>> There are a number of resources which are thought of having an >>> 'application' scope which may make sense to be collated into a >>> single manifest and with the ability for an agent to manage it as >>> such. >>> >> Yeah, if a single entity edits and signs multiple resources, it's >> unreasonable to trust one but not another. > > If I understand correctly, I disagree. I might trust a given entity > sometimes, or with some kinds of information, without wanting to simply say > "sure whatever you want". That's probably for the "hard-to-use mode" in the > UI, but I think it's legitimate. In practice, even given something as simple > as twitter's geolocation request I *sometimes* allow it to know where I am > and sometimes don't.
Yes, i would regard geo location to be dependant on other factors than just who is requesting the information. In private scenarios i may want an app to always have access to my location if it is just augmenting or fixing an information service around my location, but in the case of publishing like twitter i would only want to grant access to that information on a case by case basis probably defaulting to no. There is the problem with granting access to location that once it is given it can not be rescinded, at least for a unique session and not accounting for the user moving around. cam
