The mission of the Device APIs and Policy Working Group is to create client-side APIs that enable the development of Web Applications and Web Widgets that interact with devices services such as Calendar, Contacts, Camera, etc. Additionally, the group will produce a framework for the expression of security policies that govern access to security-critical APIs (such as the APIs listed previously).
End date | 31 July 2011 |
---|---|
Confidentiality | Proceedings are Public |
Chairs | Robin Berjon, Frederick Hirsch |
Team Contact (FTE %: 30) |
Dominique Hazaël-Massieux, Thomas Roessler |
Usual Meeting Schedule | Teleconferences: 1 per week Face-to-face: 3-4 per year (only as needed) |
In December 2008, the W3C held a workshop on Security for Access to Device APIs from the Web. The goal of this workshop was to gather information and experiences in the device API space, to start building community consensus about possible standardization work within W3C, and to gather requirements to guide such work.
Workshop participants discussed the need for standardization of technologies that would be required to provide access to security sensitive APIs from a web developer's perspective, the form these technologies should take, and the viability and practicalities of standardizing this work within W3C. At the end of this workshop, the participants discussed several potential topics for new standardization work (see the Workshop Report for more details).
The following high priority topics identified in this workshop are addressed in this charter:
The scope of this Working Group is this creation of API specifications for a device's services that can be exposed to Widgets and Web Applications. Devices in this context include desktop computers, laptop computers, mobile internet devices (MIDs), cellular phones, etc.
The scope also includes defining a framework for the expression of security policies that govern access of Web Applications and Widgets to security-critical APIs. To achieve this goal, the group will need to deal with the following items: policy expression proper, identification of APIs and identification of Web Applications and Widgets. Among the principles that guide the policy framework are:
Where practical, the API specifications should use the Web IDL formalism.
Priority will be given to developing simple and consensual APIs, leaving more complex features to future versions.
This Working Group's deliverables must address issues of accessibility, internationalization, mobility, and security.
Additionally, comprehensive test suites will be developed for each specification to ensure interoperability, and the group will create interoperability reports. The group will also maintain errata as required for the continued relevance and usefulness of the specifications it produces.
To advance to Proposed Recommendation, each specification is expected to have two independent implementations of each feature defined in the specification.
The management of security policies (e.g. by remote entities) is out of scope of this group.
The working group will deliver at least the following specifications:
The Working Group may also enter into joint Task Forces with other groups (in particular with the Web Applications Working Group), to collaborate on specifications that cross group boundaries.
A comprehensive test suite for all features of a specification is necessary to ensure the specification's robustness, consistency, and implementability, and to promote interoperability between User Agents. Therefore, each specification must have a companion test suite, which should be completed by the end of the Last Call phase, and must be completed, with an implementation report, before transition from Candidate Recommendation to Proposed Recommendation. Additional tests may be added to the test suite at any stage of the Recommendation track, and the maintenance of a implementation report is encouraged.
The Working Group will also document in a Working Group Note the useful design patterns shared by the APIs it is developing.
Other non-normative documents may be created such as:
Given sufficient resources, this Working Group should review other working groups' deliverables that are identified as being relevant to the Working Group's mission.
Note: The actual production of some of the deliverables may follow a different timeline. The group will document any schedule changes on the group home page.
This Working Group's specifications will depend upon some specifications being developed by other Working Groups for example the Web Applications Working Group's Web IDL specification.
This Working Group is not aware of any dependencies other Working Groups' specifications have on this Working Group's specifications.
This Working Group expects to maintain contacts with at least the following groups and Activities within W3C (in alphabetical order):
Furthermore, this Working Group expects to follow the following W3C Recommendations, Guidelines and Notes and, if necessary, to liaise with the communities behind the following documents:
The following is a tentative list of external bodies the Working Group should collaborate with:
To be successful, this Working Group is expected to have 10 or more active participants for its duration, and to have the participation of the industry leaders in fields relevant to the specifications it produces.
The Chair(s) and specification Editors are expected to contribute one to two days per week towards the Working Group. There is no minimum requirement for other participants. However, it should be noted that as defined by the Process Document, group participants need to attend most meetings, be familiar with documents and minutes of past meeting, and follow the relevant mailing lists to be considered in good standing; this is likely to require at least half a day a week.
This Working Group will also allocate the necessary resources for building Test Suites for each specification.
This Working Group welcomes participation from non-Members. The group encourages questions and comments on its public mailing list, public-device-apis@w3.org, which is publicly archived and for which there is no formal requirement for participation. The group also welcomes non-Members to contribute technical submissions for consideration, with the agreement from each participant to Royalty-Free licensing of those submissions under the W3C Patent Policy.
The Working Group's Teleconferences will focus on discussion of particular specifications, and will be conducted on an as-needed basis. At least one teleconference per week is expected.
Most of the technical work of the group will be done through discussions on the public-device-apis@w3.org, the group's public mailing list. Editors' drafts and their editing history will be available from a public W3C web site. The group's action and issue tracking data will also be public, as will the Member-approved minutes from all teleconferences and meetings.
The group will use a Member-confidential mailing list for administrative purposes and, at the discretion of the Chairs and members of the group, for member-only discussions in special cases when a particular member requests such a discussion.
Information about the group (for example, details about deliverables, issues, actions, status, participants) will be available from the Device APIs and Policy Working Group home page.
As explained in the Process Document (section 3.3), this group will seek to make decisions when there is consensus. When the Chair puts a question and observes dissent, after due consideration of different opinions, the Chair should record a decision (possibly after a formal vote) and any objections, and move on.
This charter is written in accordance with Section 3.4, Votes of the W3C Process Document and includes no voting procedures beyond what the Process Document requires.
This Working Group operates under the W3C Patent Policy (5 February 2004 Version). To promote the widest adoption of Web standards, W3C seeks to issue Recommendations that can be implemented, according to this policy, on a Royalty-Free basis.
For more information about disclosure obligations for this group, please see the W3C Patent Policy Implementation.
This charter for this Working Group has been created according to section 6.2 of the Process Document. In the event of a conflict between this document or the provisions of any charter and the W3C Process, the W3C Process shall take precedence.
Copyright© 2009 W3C® (MIT, ERCIM, Keio), All Rights Reserved.