- From: Dominique Hazael-Massieux <dom@w3.org>
- Date: Thu, 19 Nov 2009 10:52:01 +0100
- To: robert@ocallahan.org
- Cc: Marcin Hanclik <Marcin.Hanclik@access-company.com>, Jonas Sicking <jonas@sicking.cc>, David Rogers <david.rogers@omtp.org>, Maciej Stachowiak <mjs@apple.com>, Robin Berjon <robin@berjon.com>, "public-device-apis@w3.org" <public-device-apis@w3.org>, public-webapps WG <public-webapps@w3.org>
Le jeudi 19 novembre 2009 à 22:39 +1300, Robert O'Callahan a écrit : > The abstraction of the security concerns within a policy may > allow delegation of the security to some third parties. > > There are usually no third parties to delegate to. Thatâs true to a certain extent, but a reason for that might well be that the Web platform hasnât left enough room for third parties in that realm. One could very well imagine that by allowing a certain level of abstraction in security concerns, we would allow businesses to offer guarantees against data-loss or data-thief if the user install a third-party extension that would check Web sites based on a number of their security aspects. Iâm pretty sure I donât like all the implications of such a system, and Iâm generally rather in the skeptic side when it comes to the use of a full-blown policy framework for the Web; but I donât think itâs fair to conclude that it is not useful simply based on the fact that it hasnât been put to use yet, esp. if itâs currently difficult or impossible to put it to use. Dom
Received on Thursday, 19 November 2009 09:52:29 UTC