W3C | TAG | TAG Work Plan
Product: Web Application Storage
This proposed product page has not yet been reviewed by the TAG
The goal of this work is to document requirements for client-side local storage and
derive architectural principles to guide products and facilities in this space. An additional goal is to document good practices relating to the use of client-side local storage by Web Applications.
- The TAG comes to consensus on requirements for local, client-side storage mechanisms and the architectural principles that derive from them.
The analysis should include, but not necessarily be limited to consideration of:
- What are the requirements for client-side storage. For a start:
- The ability to run an application seamlessly in connected or disconnected state.
- The ability to store and manage personal information such as medical records or travel preferences on local storage for use by Web Applications.
- To meet the above requirements without tie-in to a specific browser.
- How well do existing client-side storage facilities (AppCache, Web
Storage, Indexed DB) meet these requirements: for example, how seamless
can we make the transition between Web connected and offline
applications? Which facilities best match which requirements?
- Should URIs be used for identifying locally stored data, and what should be the
relationship (if any) to URIs used for the same or similar data
elsewhere? (For example: if a Web-based email reader provides a local
database to support offline operations, is it desirable
for the same URI to be used to identify the email in the local
store as when accessed via HTTP? How does this work if the local store
is modeled as, e.g., relational?)
- How does client-side storage relate to a browser's HTTP cache? Does it require different space management algorithms and facilities?
- Privacy issues: e.g. control of access to information by other Web or non-Web applications. Granularity of access control.
- Security: protection of data in the local store. Note that "local" storage may, in fact, be stored on a Cloud, enabling additional security threats.
- The TAG publishes either full W3C Recommendation(s) or TAG
finding(s) that effectively communicates the issues
and good practices to the Web technical community.
The current thinking is that we will likely first focus on documenting
issues, and perhaps later produce additional work on requirements and best practices.
Key deliverables with dates:
- TAG Note: Issues relating to Local Storage of Data by Web Applications Due date: 1 July 2012
- The above will be the initial work in this space...others TBD. For
now, we have some hope of one or more best practices finding(s) by Dec.
- First draft for discussion: 20 March, 2012 (timed for discussion at April, 2012 F2F)
TAG Members assigned:
Ashok Malhotra, Robin Berjon, Larry Masinter, Peter Linss (maybe)
TAG Issues, Actions and Tracker Product Page
- ACTION-632: on - Ashok Malhotra - Frame issues around client-side storage work - Due: 2012-02-07 - OPEN
on - Ashok Malhotra - Draft product page on client-side storage
focusing on specific goals and success criteria Due: 2012-01-17 - Due:
2012-02-07 - OPEN
- ACTION-475: on - Ashok Malhotra - Write finding on client-side storage, DanA to review - Due: 2011-08-24 - CLOSED
on - Ashok Malhotra - (with help from Noah) build good product page for
client storage finding, identifying top questions to be answered on
client side storage - Due: 2012-01-17 - CLOSED
on - Ashok Malhotra - Review client side storage apis (web simple
storage etc.), looking for architectural issues or other critical
problems... or interesting design features the TAG should know about -
Due: 2010-03-08 - CLOSED
on - NON-CURRENT-MEMBER - Look into using new client side storage APIs
as an RDFa or tabulator data store - Due: 2010-03-17 - CLOSED
- ACTION-435: on - Jonathan Rees - Consult Tyler Close regarding UMP-informed web storage vulnerability analysis - Due: 2010-06-22 - CLOSED
on - Ashok Malhotra - Comment to web storage guys: basically all of
this is origin-based, but section 6.1 has a 'may' -- is this a door
being held open for CORS? - Due: 2010-06-15 - CLOSED
- ACTION-572: on - Yves Lafon - Look at appcache in HTML5 - Due: 2011-11-29 - OPEN
on - Ashok Malhotra - Add text covering advice equivalent to "Use of
AJAX implementation technology is not a sufficient excuse for failing to
provide first class URI identification for documents on the Web" - Due:
2011-08-11 - CLOSED
Is there an associated issue for this work? Should there be?