Communications Hub F2F Minutes 2007-07-26

From MemberWiki

attendees: Coach Wei, Jon Ferraiolo, Greg Wilkins, Howard Weingram

Jon: mashup/Widget/gadget is widely talked about now. Google is a good example. They have desktop gadget, portable gadget. Portable Gadget is capable of running inside browser or desktop. We should consider how to enable "write once, and run anywhere (desktop container, mashup container, browser container, iPhone container,...)".

Greg: the harder part is "iframe inside iframe inside iframe" - multiple levels of nested containment. We should not rely on the container being the top level container only.

Howard: i am more concerned about security.

Greg: so if we come up with one nesting and security model that works for all scenarios, that'll be great.

Jon: and do it in a technology independent fashion.

Jon: we should make it possible for server side mashup without specifying server side mashup.

Greg: we need to do client side inter-frame communications, client to server, server to client, and ...client to client too?

Coach: this is a matter of scoping: from intra-frame, to inter-frame (sandbox to sandbox),client to server, and lastly client to client.

• APIs: connection status: connect, disconnect, getStatus(connection info, which server i am talking to etc)
• Messaging: pub, sub, batching
• Hub: hub version, etc.
• Access control query API: am i allowed to subscribe to blah? what access do I have? what topics are available? probably nothing can be seem by default;
• delegated to individual providers (implemented by default provider, but not specified in API): access control definition format and implementation

There is an access control provider and a communication provider;

Jon: OpenAjax reference implementation is open source, can be used by mashup framework providers if they choose to. They can also write it from scratch. but for mashup developers, they are just using the APIs.