874
edits
Labs/Ubiquity/0.2 Design: UI and Security Extensibility: Difference between revisions
Labs/Ubiquity/0.2 Design: UI and Security Extensibility (view source)
Revision as of 01:30, 17 February 2009
, 17 February 2009Added breadcrumb
(replaced "limited" w/ "restricted" to tie-in example w/ diagram) |
m (Added breadcrumb) |
||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
Back to [[Labs/Ubiquity]]. | |||
== Introduction == | == Introduction == | ||
| Line 8: | Line 10: | ||
The implementation of (1) will involve providing a well-documented API for external UIs to plug into. The implementation of (2) will involve providing a "feed plugin" mechanism through which new types of Ubiquity feeds can be created that use entirely different security models than Ubiquity's default. | The implementation of (1) will involve providing a well-documented API for external UIs to plug into. The implementation of (2) will involve providing a "feed plugin" mechanism through which new types of Ubiquity feeds can be created that use entirely different security models than Ubiquity's default. | ||
Both of these solutions invite | Both of these solutions invite anyone to create and implement new ideas to further the conversation about using the browser to connect web services together in a safe, humane way. | ||
Before reading the rest of this document, it may be helpful for readers to understand the [[Labs/Ubiquity/Ubiquity_0.1.3_Architecture|Ubiquity 0.1.3 Architecture]]. | Before reading the rest of this document, it may be helpful for readers to understand the [[Labs/Ubiquity/Ubiquity_0.1.3_Architecture|Ubiquity 0.1.3 Architecture]]. | ||
| Line 16: | Line 18: | ||
Below is the proposed architectural diagram for 0.2. Its individual parts are explained in the following sections of this document. | Below is the proposed architectural diagram for 0.2. Its individual parts are explained in the following sections of this document. | ||
[[Image:Ubiquity_0. | [[Image:Ubiquity_0.2_Architecture_Proposal_3.png]] | ||
== UI Extensibility == | == UI Extensibility == | ||
All UI components will interact with the '''UI Manager''' depicted in the proposed architectural diagram, which essentially serves as a [http://en.wikipedia.org/wiki/Facade_pattern facade] to Ubiquity's functionality. | All UI components will interact with the '''UI Manager''' depicted in the proposed architectural diagram, which essentially serves as a [http://en.wikipedia.org/wiki/Facade_pattern facade] to Ubiquity's functionality. | ||
An example third-party client of the UI Manager API would be Aza's [http://azarask.in/verbs/mouse/ Experimental Mouse-Based Ubiquity] feed. | |||
Given a selection, clients of the UI Manager should be able to: | Given a selection, clients of the UI Manager should be able to: | ||
| Line 54: | Line 58: | ||
== Security Extensibility == | == Security Extensibility == | ||
The main idea here is to decouple Ubiquity's user interface from its implementation so that it's easier to experiment with more secure implementations. | The main idea here is to decouple the security-related portion of Ubiquity's user interface and execution model from its implementation so that it's easier to experiment with more secure implementations. | ||
In Ubiquity 0.1, command authors create a command feed by inserting an tag of the following form in the <tt><nowiki><HEAD></nowiki></tt> element of an HTML document: | In Ubiquity 0.1, command authors create a command feed by inserting an tag of the following form in the <tt><nowiki><HEAD></nowiki></tt> element of an HTML document: | ||
| Line 70: | Line 74: | ||
Requirement (1) will provide Feed Plugins with the freedom to implement whatever security model they need, while requirements (2) and (3) will give them the ability to present that model to the end-user in an understandable way. | Requirement (1) will provide Feed Plugins with the freedom to implement whatever security model they need, while requirements (2) and (3) will give them the ability to present that model to the end-user in an understandable way. | ||
Ubiquity 0.2 will contain | Ubiquity 0.2 will contain two built-in Feed Plugins: | ||
* The '''Default Command Feed Plugin''' encapsulates Ubiquity 0.1's implementation for command feeds, which assumes that all subscribed-to command feeds are trusted and gives them full control over the end-user's system; it also warns the user when they attempt to subscribe to a feed that's served by an untrusted host or is sent over an insecure connection. | |||
* The '''Locked-Down Command Feed Plugin''' is a trivial proof-of-concept Feed Plugin that can be used to create simple commands that operate on plaintext and don't use the network, such as "uppercase". While completely secure, it's also extremely restrictive. | |||
The aim of 0.2 is to provide the infrastructure and tools for new, secure yet flexible Feed Plugins to arise that will eventually replace the default. | |||
Possibilities for Feed Plugins include: | Possibilities for Feed Plugins include: | ||