ISSUE-230
Clarifications for 7.4.2 (software installation)
- State:
- CLOSED
- Product:
- wsc-xit
- Raised by:
- Thomas Roessler
- Opened on:
- 2009-09-21
- Description:
- From LC-2257:
7.4.2
What if the installation-related security aspects are controlled by the underlying security policy?
[4], specifically its section 3.2.3 is just FYI.
[4] http://bondi.omtp.org/1.01/security/BONDI_Architecture_and_Security_v1_01.pdf
From LC-2255:
> Web user agents MUST NOT expose programming interfaces which permit installation of software without a user intervention.
What does it mean to install software?
> Web user agents MUST inform the user and request consent when web content attempts to install software outside of the browser environment.
Why can't the user agent simply ignore these attempts?
> Web user agents MAY inform the user when web content attempts to execute software outside of the agent environment.
What is the agent environment? For example, does follow a mailto link
fall under this requirement given that seems to execute the user's
default mail software outside the user agents environment
- Related Actions Items:
- No related actions
- Related emails:
- Agenda: WSC WG distributed meeting, Wednesday, 2009-10-07 (from mzurko@us.ibm.com on 2009-10-06)
- ISSUE-230: Clarifications for 7.4.2 (software installation) [wsc-xit] (from sysbot+tracker@w3.org on 2009-09-21)
Related notes:
Dealt with in dealing with Last Call comments.
Thomas Roessler, 22 Feb 2010, 19:42:05Display change log