Hi all, I took a stab at summarizing some of the points made in the thread. The wiki page can be found here https://wiki.mozilla.org/Apps/Security
There is likely many things missing from the wiki page and the requirements are probably incomplete. Please correct any errors I have made on positions you argued for. David Chan ----- Original Message ----- > From: "Chris Lee" <[email protected]> > To: "lkcl luke" <[email protected]> > Cc: [email protected], "Matthew S. Finifter" > <[email protected]>, [email protected], > "Fabrice Desré" <[email protected]>, "Ben Francis" <[email protected]>, > "Lucas Adamski" <[email protected]>, > "Mozilla B2G mailing list" <[email protected]>, "Dean Landolt" > <[email protected]>, "Adam Barth" > <[email protected]>, "Jonas Sicking" <[email protected]>, "Adrienne > Porter Felt" <[email protected]>, "Jim > Straus" <[email protected]> > Sent: Monday, March 12, 2012 10:04:29 AM > Subject: Re: [b2g] Permissions model thoughts > > Hi all, > > The team will be putting together and documenting a proposal for the > overall permissions/security/privacy model for B2G. > > At this time, the mailing list and email threads are to openly > discuss ideas around what the overall team believes are key needs > for this work. > > The goal is to work closely with the community and larger team to > ensure we're not missing important requirements and then > prioritize/focus on what needs to be built based on the timeline > we've agreed upon with our partners. > > Feel free to ping me if you any specific questions on the > roadmap/schedule. > > Thanks, > Chris > > > On Mar 11, 2012, at 6:48 AM, lkcl luke wrote: > > > On Sun, Mar 11, 2012 at 1:43 PM, Dean Landolt > > <[email protected]> wrote: > > > >> Regardless of the prompts and dialogs chosen it's critical -- for > >> both devs > >> and laymen -- to be able to able to get quick access to a detailed > >> list of > >> capability grants for any given application from the application > >> itself. And > >> not just for b2g and mobile -- it should be right there with > >> view-source, > >> fundamental to gecko. > > > > again, it is worth repeating: this recommended requirement needs to > > be FORMALLY PLACED onto an OFFICIAL DOCUMENT. > > > > could someone please for the love of god take responsibility for > > that > > task and actually make an announcement "we have created a wiki page > > here {insert location} and are coordinating all requirements at > > that > > specific location". > > > > if you do not have anyone who is actually doing that nor does > > anyone > > have time to actually do so then it is indicative that the B2G > > project > > requires an additional funded post, paid for by the mozilla > > foundation, doesn't it? > > > > you cannot leave something like the security model of the B2G > > system > > run along as an "arbitrary meandering path" that is completely > > uncoordinated. it's too fundamental and critical to the success of > > the project. > > > > l. > > _______________________________________________ > > dev-b2g mailing list > > [email protected] > > https://lists.mozilla.org/listinfo/dev-b2g > > _______________________________________________ > dev-webapps mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-webapps > _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
