[whatwg] Proposal for a web application descriptor

Cameron Heavon-Jones cmhjones at gmail.com
Thu May 5 06:37:14 PDT 2011


On 05/05/2011, at 7:13 AM, Charles McCathieNevile wrote:

> On Thu, 05 May 2011 00:12:06 +0200, Bjartur Thorlacius <svartman95 at gmail.com> wrote:
> 
>> On 5/3/11, Cameron Heavon-Jones <cmhjones at gmail.com> wrote:
> 
>>> There are a number of resources which are thought of having an 'application' scope which may make sense to be collated into a
>>> single manifest and with the ability for an agent to manage it as
>>> such.
>>> 
>> Yeah, if a single entity edits and signs multiple resources, it's
>> unreasonable to trust one but not another.
> 
> If I understand correctly, I disagree. I might trust a given entity sometimes, or with some kinds of information, without wanting to simply say "sure whatever you want". That's probably for the "hard-to-use mode" in the UI, but I think it's legitimate. In practice, even given something as simple as twitter's geolocation request I *sometimes* allow it to know where I am and sometimes don't.

Yes, i would regard geo location to be dependant on other factors than just who is requesting the information. 

In private scenarios i may want an app to always have access to my location if it is just augmenting or fixing an information service around my location, but in the case of publishing like twitter i would only want to grant access to that information on a case by case basis probably defaulting to no. 

There is the problem with granting access to location that once it is given it can not be rescinded, at least for a unique session and not accounting for the user moving around.

cam




More information about the whatwg mailing list