I've received no compelling arguments to the contrary, so I'm going to update our docs to reflect this today. Lucas.
On Jul 30, 2012, at 2:41 PM, Lucas Adamski wrote: > I've received lots of feedback to the effect that using the term "Trusted" > for an app category does not clearly > communicate its purpose, especially relative to "Certified". After > discussions with the webapps PM team, Jonas and > Anant, I'm proposing that we use the term "Privileged" instead. The > consensus is that this is closer to describing the > purpose of this app category, while "trusted" (trust in general) is a user > action not an application type. > > Other names that were discussed but decided against included: > "Reviewed" - While technically accurate at this time, this would lock us into > a pretty specific (and limited) > methodology for validating these types of apps. In the future apps stores > could employ different techniques (strong > developer authentication and accountability, financial bonds, etc) that would > result in equivalent security and privacy > properties to a review process. > "Signed" - This felt like the tail wagging the dog. We determined the > privileges necessary for this category of > applications first, then chose code integrity and authentication mechanisms > commensurate to those (potential) > privileges. It would also once again limit us to potential authentication > approaches in the future. Finally, it may be > confusing as signing alone generally does not permit additional privileges > for desktop applications (outside of OS updates). > > Yes, it sucks to bikeshed this at this stage of the game, but its better to > bite the bullet and make the change now > rather than shipping with this terminology. Speaking of bikeshedding, I know > there are some strong opinions about the > need for a trusted app category, but this probably isn't the thread to reopen > that discussion. I'd like to focus on > quickly selecting the best term to describe it as currently defined > (https://wiki.mozilla.org/Apps/Security). Thanks, > Lucas. > _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
