graphic with four colored squares

Permissions for Web Applications

W3C TAG F2F, April 3rd

Dominique Hazaël-Massieux


Web Apps / Native Apps

Reasons for doing native over Web:

Hardware/device integration

Two approaches


New hardware/device APIs bring new risks:

Privacy risks: Data leakage

→ Gate access to privacy sensitive APIs

Privacy risks: Fingerprinting

Privacy risks: Context Leakage

Security risks

UI mitigation

Designing new APIs

Web APIs model

How others do?

Extending Trusted Apps model to the Web?

→ change the model of the Web

Previous W3C work in this space

What do we need?

Potential role of the TAG