WebAPI/Security/Contacts: Difference between revisions

WebAPI/Security/Contacts (view source)

7 bytes added , 25 June 2012

m

no edit summary

Confirmed users

717

edits

@@ Line 13: / Line 13: @@
 === Regular web content (unauthenticated) ===
-Use cases for unauthenticated code: Mediated access limited contact
+Use cases for unauthenticated code: Mediated access to specific (user selected) contact
-information<br>
+information
 Authorization model for uninstalled web content: OS mediated (web
 activities, or trusted UI)<br>
 Authorization model for installed web content: OS mediated (web
-activities, or trusted UI)<br>
+activities, or trusted UI)
 Potential mitigations:
@@ Line 25: / Line 26: @@
 === Trusted (authenticated by publisher) ===
-Use cases for authenticated code: Create,read or edit contact information<br>
+Use cases for authenticated code: Create, read or edit contact information
-Authorization model: Explicit<br>
+Authorization model: Explicit
 Potential mitigations:
 * Let user configure what data is accessible (globally?)
@@ Line 34: / Line 37: @@
 === Certified (vouched for by trusted 3rd party) ===
-Use cases for certified code: Create,read or edit contact information<br>
+Use cases for certified code: Create, read or edit contact information
 Authorization model: Implicit
 Potential mitigations: None