Re: [Widgets] R21. Resource Declarations. Was RE: Request for Comments on Widgets 1.0 Requirements Last Call WD
Hi Bryan, On Thu, Sep 4, 2008 at 12:06 AM, Sullivan, Bryan [EMAIL PROTECTED] wrote: Hi Marcos, My response is late (the review happened just before vacation and other things...), but here it is: I'm not sure there is a semantically useful way to declare/assess resource dependencies (currently), but that would be the goal. In the meantime simple disclosure is better than the use it if it works for you, otherwise get rid of it approach. At least the user may be able to understand the significance of the disclosure. The examples I provided in the proposal illustrate common resource constraint cases: a) automated operation a.1) network-intensive applications can cost users a lot of money (a critical resource) or drain the device battery (another critical resource). Applications that are designed to operate all the time or in the background (e.g. using Ajax methods) should disclose this so that the user can decide if that's what they want to allow. If possible, the extent of resource usage (frequency of network requests, typical amount of data exchanged) should be disclosed. I fully understand that problem but this depends on the author being honest and making an informed subjective judgment on resource use/abuse of a widget. If I was an author, and I knew that this might mean that some people won't use my app, then I would not include such declarations. In other words, this system is too open to abuse/neglect as the author can simply lie and say that their widget is awesome and perfect (same problem that is seen with CC/PP: I can simply lie, and I'm sure many sites do and there is no legal consequence to lying). My position is that it should be up to the widget user agent to inform the user that a Widget is using up too many resources. I hate to subscribe to technological determinism but, another factor is phones in two years may, for example, come with 20 processors and a built in solar-nuclear-thermal-battery-reactor(tm) and carriers will give everyone unlimited download/bandwidth, so things that are considered resource intensive today, will mean very little tomorrow or ten years from now. a.2) screen updates (e.g. for phonetop widgets) and memory updates (e.g. managing content and variables) can be battery-affecting. Application designers should have some understanding of the typical effect that their applications will have on the devices they target, and make at least useful disclosures of such effects. Again, I still think that this should be handled by widget user agents for the reasons above. b) storage requirements: Web applications may manage local persistent (e.g. flash) storage of content related to the application, and may have a significant impact on the operating memory (e.g. ram) of the device. While user choice in use of the application may significantly affect the storage requirements, the developer should have some understanding of the typical storage requirements. The user could then decide based upon the disclosure, whether they want to allocate a potentially significant amount of storage to this application. The Widget 1.0 Updates specification defines an element that allows the user to be informed of the size of the update they are about to install. Also, a widget user agent could make a HEAD request to a server prior to downloading a widget package to determine its size... though I can see this doesn't exactly cover your use case. Regardless, I still see this as an implementation detail. The real goal as I mentioned would be that a policy management engine could use the declarations to determine if the application would exceed a certain policy (which the user could manage as preferences). Semantic assessment of impact would resolve the variable relative impact problem (or at least reduce it), since the assessor would know how to relate the resource declarations in the context of the host device. I agree, and some limited provisions are in place. But I still think the model is fundamentally flawed if it depends on the author being honest. In the meantime however at least some schema-defined disclosure of resource impacts could be used in a widget installer UI to inform the user of the impacts that the developer is aware of. I think such things are best left to be described by publishers and the end-user community. I.e., publishers already make it possible for users of widgets to leave comments on websites that describe if a widget sucks, uses too many resources, is slow on some particular device, etc... By looking at a typical software download site, I think its pretty clear that users make judgments about whether they download a applications based on an application's popularity and the comments left by others... or from other trusted systems of recommendation (e.g. a friend tells you that an app is really useful)... except for the poor souls who are tricked into downloading spy/malware, which the
RE: [Widgets] R21. Resource Declarations. Was RE: Request for Comments on Widgets 1.0 Requirements Last Call WD
Hi Marcos, My response is late (the review happened just before vacation and other things...), but here it is: I'm not sure there is a semantically useful way to declare/assess resource dependencies (currently), but that would be the goal. In the meantime simple disclosure is better than the use it if it works for you, otherwise get rid of it approach. At least the user may be able to understand the significance of the disclosure. The examples I provided in the proposal illustrate common resource constraint cases: a) automated operation a.1) network-intensive applications can cost users a lot of money (a critical resource) or drain the device battery (another critical resource). Applications that are designed to operate all the time or in the background (e.g. using Ajax methods) should disclose this so that the user can decide if that's what they want to allow. If possible, the extent of resource usage (frequency of network requests, typical amount of data exchanged) should be disclosed. a.2) screen updates (e.g. for phonetop widgets) and memory updates (e.g. managing content and variables) can be battery-affecting. Application designers should have some understanding of the typical effect that their applications will have on the devices they target, and make at least useful disclosures of such effects. b) storage requirements: Web applications may manage local persistent (e.g. flash) storage of content related to the application, and may have a significant impact on the operating memory (e.g. ram) of the device. While user choice in use of the application may significantly affect the storage requirements, the developer should have some understanding of the typical storage requirements. The user could then decide based upon the disclosure, whether they want to allocate a potentially significant amount of storage to this application. The real goal as I mentioned would be that a policy management engine could use the declarations to determine if the application would exceed a certain policy (which the user could manage as preferences). Semantic assessment of impact would resolve the variable relative impact problem (or at least reduce it), since the assessor would know how to relate the resource declarations in the context of the host device. In the meantime however at least some schema-defined disclosure of resource impacts could be used in a widget installer UI to inform the user of the impacts that the developer is aware of. Best regards, Bryan Sullivan | ATT -Original Message- From: Marcos Caceres [mailto:[EMAIL PROTECTED] Sent: Thursday, August 07, 2008 10:05 PM To: Sullivan, Bryan; public-webapps Subject: [Widgets] R21. Resource Declarations. Was RE: Request for Comments on Widgets 1.0 Requirements Last Call WD Hi Bryan, I'm wondering if you could help me understand R21. Resource Declarations, which was proposed in your feedback [1]: R21. Resource Declarations A conforming specification must specify a means for declaring that the instantiated widget will have an impact on sensitive device or network resources, which may impact device performance or the user experience. Motivation: Security, current development practice or industry best-practices. Rationale: To declare the resource requirements of the widget, allowing the widget user agent to respond accordingly by adjusting its resource policies and warning the end-user. Example of resource sensitive services that could require notification are automated operation involving network access or screen display, which can impact overall service cost and device battery life; or persistent storage requirements, which can affect device performance and reliability of the environment for other applications. I'm not sure I understand, from a developer's perspective, how I would declare resource use particularly because it seems so relative and subjective. For example, if I had created a widget and tested it on my super-phone I might think that it is not very resource demanding (this might be because the widget implementation running on my phone is very efficient and light weight). However, another widgets implementation might not be as efficient and hence it may use a lot of resources (but this is not the fault of the widget, it is the fault of the implementaiton). Another problem is that one phone might have limited resources by design (eg. limited RAM and storage) or because other applications are hogging resources. Maybe the requirement should be that the user agent should report to the user when a widget is hogging resources; however this seems more like something that would be best left to implementers. Can you maybe show us a usage scenario for what you have in mind for this requirement. How do you envision this would work? Kind regards, Marcos [1] http://lists.w3.org/Archives/Public/public-webapps/2008JulSep/0298.html -- Marcos Caceres http://datadriven.com.au
[Widgets] R21. Resource Declarations. Was RE: Request for Comments on Widgets 1.0 Requirements Last Call WD
Hi Bryan, I'm wondering if you could help me understand R21. Resource Declarations, which was proposed in your feedback [1]: R21. Resource Declarations A conforming specification must specify a means for declaring that the instantiated widget will have an impact on sensitive device or network resources, which may impact device performance or the user experience. Motivation: Security, current development practice or industry best-practices. Rationale: To declare the resource requirements of the widget, allowing the widget user agent to respond accordingly by adjusting its resource policies and warning the end-user. Example of resource sensitive services that could require notification are automated operation involving network access or screen display, which can impact overall service cost and device battery life; or persistent storage requirements, which can affect device performance and reliability of the environment for other applications. I'm not sure I understand, from a developer's perspective, how I would declare resource use particularly because it seems so relative and subjective. For example, if I had created a widget and tested it on my super-phone I might think that it is not very resource demanding (this might be because the widget implementation running on my phone is very efficient and light weight). However, another widgets implementation might not be as efficient and hence it may use a lot of resources (but this is not the fault of the widget, it is the fault of the implementaiton). Another problem is that one phone might have limited resources by design (eg. limited RAM and storage) or because other applications are hogging resources. Maybe the requirement should be that the user agent should report to the user when a widget is hogging resources; however this seems more like something that would be best left to implementers. Can you maybe show us a usage scenario for what you have in mind for this requirement. How do you envision this would work? Kind regards, Marcos [1] http://lists.w3.org/Archives/Public/public-webapps/2008JulSep/0298.html -- Marcos Caceres http://datadriven.com.au
