This document is the draft new charter for the current Device APIs and Policy Working Group that was submitted for review to the W3C Advisory Commitee. Please see the final new charter .
The
mission
of
the
Device
APIs
and
Policy
Working
Group
is
to
create
client-side
APIs
that
enable
the
development
of
Web
Applications
and
Web
Widgets
that
interact
with
devices
device
hardware,
services
and
applications
such
as
Calendar,
Contacts,
Camera,
etc.
Additionally,
the
group
will
produce
a
framework
for
the
expression
of
security
policies
that
govern
access
to
security-critical
APIs
(such
as
the
APIs
listed
previously).
camera,
microphone,
system
sensors,
native
address
books,
calendars
and
native
messaging
applications.
End date |
|
---|---|
Confidentiality | Proceedings are Public |
Chairs | Robin Berjon, Frederick Hirsch |
Team
Contact
(FTE %: |
Dominique
|
Usual Meeting Schedule |
Teleconferences:
1
per
week
Face-to-face: 3-4 per year (only as needed) |
In
December
2008,
the
W3C
held
a
workshop
on
Security
for
Access
to
The
Device
APIs
from
the
Working
Group
aims
at
producing
Web
.
The
goal
client-side
APIs
that
facilitate
deeper
integration
of
this
workshop
was
Web
applications
into
advanced
capabilities
of
their
host
devices.
These
capabilities
include
access
to
gather
a
camera,
microphone,
address
book,
calendar,
or
system
information
such
as
network
connection
and
experiences
in
battery
level.
Adding
these
advanced
features
to
the
device
API
space,
Web
environment
empowers
Web
developers
to
start
building
community
consensus
about
possible
standardization
work
within
W3C,
create
richer
and
to
gather
requirements
to
guide
such
work.
more
context-aware
Web
applications.
Workshop
participants
discussed
Given
the
need
for
standardization
of
technologies
that
would
be
required
to
provide
access
to
security
sensitive
APIs
from
a
web
developer's
perspective,
the
form
these
technologies
should
take,
and
the
viability
and
practicalities
of
standardizing
this
work
within
W3C.
At
the
end
nature
of
this
workshop,
the
participants
discussed
several
potential
topics
for
new
standardization
work
(see
data
and
sensors
to
which
these
APIs
grant
access,
the
Workshop
Report
for
more
details).
The
following
high
priority
topics
identified
in
this
workshop
are
addressed
in
this
charter:
Declaration
of
Working
Group
also
aims
at
crafting
APIs
such
as
Contacts
-
The
mechanisms
that
are
both
secure
and
privacy-enabling
by
which
a
widget
or
design,
based
on
the
current
Web
Application
can
declare
a
dependency
(with
possible
browser
security
consequences)
on
an
API
API
Patterns
-
What
should
be
similar
across
many
APIs,
e.g.
API
design,
error
handling
etc.
Concrete
APIs
-
Specific
APIs
that
should
be
standardized
Policy
Description
-
An
XML
(or
other)
formalism
describing
a
model.
This
entails
reusing
existing
browser-based
security
policy
for
concrete
APIs.
metaphors
where
they
apply
and
looking
into
innovative
security
and
privacy
mechanisms
where
they
don’t.
The
scope
of
this
Working
Group
is
this
creation
of
API
specifications
for
a
device's
device’s
services
that
can
be
exposed
to
Widgets
and
Web
Applications.
applications
.
Devices
in
this
context
include
desktop
computers,
laptop
computers,
mobile
internet
Internet
devices
(MIDs),
cellular
phones,
etc.
The
scope
also
includes
defining
a
framework
for
the
expression
of
security
policies
that
govern
access
of
Web
Applications
and
Widgets
to
security-critical
APIs.
To
achieve
this
goal,
the
group
will
need
to
deal
with
the
following
items:
policy
expression
proper,
identification
of
APIs
and
identification
of
Web
Applications
TVs,
cameras
and
Widgets.
Among
the
principles
that
guide
the
policy
framework
are:
Before
developing
a
new
policy
expression
language,
existing
languages
(such
as
XACML)
should
be
reviewed
for
suitability;
The
resulting
policy
model
must
be
consistent
with
the
existing
same
origin
policies
(as
documented
in
the
HTML5
specification),
in
the
sense
that
a
deployment
of
the
policy
model
in
Web
browsers
must
be
possible;
The
work
should
not
be
specific
to
either
mobile
or
desktop
environments,
but
may
take
differences
between
the
environments
into
account
Where
practical,
the
API
specifications
should
use
the
Web
IDL
formalism.
other
connected
devices.
Priority will be given to developing simple and consensual APIs, leaving more complex features to future versions.
This
Working
Group's
Group’s
deliverables
must
address
issues
of
accessibility
,
internationalization
,
mobility
,
and
security
and
privacy
.
Additionally, comprehensive test suites will be developed for each specification to ensure interoperability, and the group will create interoperability reports. The group will also maintain errata as required for the continued relevance and usefulness of the specifications it produces.
To
advance
to
Proposed
Recommendation,
each
specification
is
expected
to
have
two
independent
implementations
of
each
feature
all
features
defined
in
the
specification.
specification,
including
implementation
on
a
constrained
device
(e.g.
mobile
phone,
TV).
APIs that cannot be demonstrated to be implementable securely within the default browser context will not be released. This does not preclude these APIs to support use cases of installable Web applications.
The
management
definition
of
a
policy
framework
that
would
allow
using
the
defined
APIs
into
a
different
security
policies
(e.g.
by
remote
entities)
environment
than
the
default
browser
context
is
out
of
the
scope
of
for
this
group.
The
working
group
will
deliver
at
least
the
following
specifications:
Where practical, the API specifications should use the Web IDL formalism.
The Working Group may also enter into joint Task Forces with other groups (in particular with the Web Applications Working Group), to collaborate on specifications that cross group boundaries.
A
comprehensive
test
suite
for
all
features
of
a
specification
is
necessary
to
ensure
the
specification's
specification’s
robustness,
consistency,
and
implementability,
and
to
promote
interoperability
between
User
Agents.
Therefore,
each
specification
must
have
a
companion
test
suite,
which
should
be
completed
by
the
end
of
the
Last
Call
phase,
and
must
be
completed,
with
an
implementation
report,
before
transition
from
Candidate
Recommendation
to
Proposed
Recommendation.
Additional
tests
may
be
added
to
the
test
suite
at
any
stage
of
the
Recommendation
track,
and
the
maintenance
of
a
implementation
report
is
encouraged.
The
Working
Group
will
may
also
document
in
a
Working
Group
Note
the
useful
design
patterns
shared
by
the
APIs
it
is
developing.
The Working Group is also planning to work on Best Practices for Privacy-sensitive Web applications, as well as documenting Privacy Use Cases and Requirements in Working Group Notes.
Other non-normative documents may be created such as:
Given
sufficient
resources,
this
Working
Group
should
review
other
working
groups'
groups’
deliverables
that
are
identified
as
being
relevant
to
the
Working
Group's
Group’s
mission.
Note:
The
actual
production
of
some
of
the
deliverables
may
follow
a
different
timeline.
The
group
will
document
documents
any
schedule
changes
on
the
group
home
page
.
This
Working
Group's
Group’s
specifications
will
depend
upon
some
specifications
being
developed
by
other
Working
Groups
for
example
the
Web
Applications
Working
Group's
Group’s
Web
IDL
specification.
This
Working
Group
is
not
aware
of
any
dependencies
other
Working
Groups'
Groups’
specifications
have
on
this
Working
Group's
Group’s
specifications.
This Working Group expects to maintain contacts with at least the following groups and Activities within W3C (in alphabetical order):
The following is a tentative list of external bodies the Working Group should collaborate with:
To be successful, this Working Group is expected to have 10 or more active participants for its duration, and to have the participation of the industry leaders in fields relevant to the specifications it produces.
The Chair(s) and specification Editors are expected to contribute one to two days per week towards the Working Group. There is no minimum requirement for other participants. However, it should be noted that as defined by the Process Document , group participants need to attend most meetings, be familiar with documents and minutes of past meeting, and follow the relevant mailing lists to be considered in good standing; this is likely to require at least half a day a week.
This Working Group will also allocate the necessary resources for building Test Suites for each specification.
This Working Group welcomes participation from non-Members. The group encourages questions and comments on its public mailing list, public-device-apis@w3.org , which is publicly archived and for which there is no formal requirement for participation. The group also welcomes non-Members to contribute technical submissions for consideration, with the agreement from each participant to Royalty-Free licensing of those submissions under the W3C Patent Policy.
The
Working
Group's
Group’s
Teleconferences
will
focus
on
discussion
of
particular
specifications,
and
will
be
are
conducted
on
an
as-needed
basis.
At
least
one
teleconference
per
week
is
expected.
Most
of
the
technical
work
of
the
group
will
be
is
done
through
discussions
on
the
public-device-apis@w3.org
,
the
group's
group’s
public
mailing
list.
Editors'
Editors’
drafts
and
their
editing
history
will
be
is
available
from
a
public
W3C
web
site.
The
group's
group’s
action
and
issue
tracking
data
will
is
also
be
public,
as
will
are
the
Member-approved
participants-approved
minutes
from
all
teleconferences
and
meetings.
The
group
will
use
uses
a
Member-confidential
mailing
list
for
administrative
purposes
and,
at
the
discretion
of
the
Chairs
and
members
participants
of
the
group,
for
member-only
Member-only
discussions
in
special
cases
when
a
particular
member
participant
requests
such
a
discussion.
Information
about
the
group
(for
example,
details
about
deliverables,
issues,
actions,
status,
participants)
will
be
is
available
from
the
Device
APIs
and
Policy
Working
Group
home
page.
As
explained
in
the
Process
Document
(
section
3.3
),
this
group
will
seek
seeks
to
make
decisions
when
there
is
consensus.
When
the
Chair
puts
a
question
and
observes
dissent,
after
due
consideration
of
different
opinions,
the
Chair
should
record
a
decision
(possibly
after
a
formal
vote)
and
any
objections,
and
move
on.
This charter is written in accordance with Section 3.4, Votes of the W3C Process Document and includes no voting procedures beyond what the Process Document requires.
This Working Group operates under the W3C Patent Policy (5 February 2004 Version). To promote the widest adoption of Web standards, W3C seeks to issue Recommendations that can be implemented, according to this policy, on a Royalty-Free basis.
For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation .
This charter for this Working Group has been created according to section 6.2 of the Process Document . In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.
See also the previous charter for this group.
Copyright
©
2009
2010
W3C
®
(
MIT
,
ERCIM
,
Keio
),
All
Rights
Reserved.