Thursday, May 27th, 2010

A second look at the “webbyness” of an “installable” Web App

Category: Editorial

Many in the Web community have been guarded about the notion of “apps” and what a Web app is. Google itself, via Gears and now HTML5 support, were pushing the notion of giving the browser the abilities to do app-like things…. rather than pushing for a native app runtime.

The Chrome Web Store and its .crx installable zip archive bring up the question yet again of what a web app is. is a Web app isn’t it? What is the difference between that and gmail.crx?

The notion of an app can be a little scary when we think about the current incarnations. Having centralized closed marketplaces are un-webby. However, that says nothing for the technology, but rather the policy and implementation.

Atul has written a very nice piece that dives deep into the core issues:

I am not sure exactly what webby means, but if I had to guess, it would involve the kinds of qualities that Mitchell Baker and Mark Surman believe make the web better: more transparent, participatory, decentralized, and hackable.

He goes into detail on the benefits of untethered applications, beyond “working offline”. We can get to a better place where some apps, and pieces of apps, can work very well untethered. Of course, many applications out there quickly talk to the Internet, but a disconnected cacheable world makes a lot of sense (CouchDB apps :). It feels silly to go to a simple one player game at and not be able to play because of the Internet connection. AppCache and friends go along way, but there is more.

Another key piece is permissions. As I watch folks talk about the W3C Widget Spec and the Chrome Web App manifest, permissions seems to be the crux of the matter. We need people to focus on this piece. If we can collectively crack that nut, my gut tells there will be an explosion of amazing things… and the world will make more sense.

Atul also talks about the Web of Trust:

Another area in which Installable Web Apps could decentralize the internet has to do with the field of trust. It’s currently very difficult to actually prove that a piece of Web content or functionality I created came from me, and wasn’t altered at some point by someone else. The only viable way to do this is via Secure HTTP, which requires asking an authority for permission to issue you a certificate. That this frequently involves paying them money and that the system is susceptible to corruption are besides the point. As Mark Surman mentions in a draft of Drumbeat’s mission statement:

“Ultimately, our goal is a strong, safe open internet: an internet built and backed by a massive global community committed to the idea that everyone should all be able to freely create, innovate and express ideas online without asking permission from others.”

It should be possible to prove to other people that something came from you without having to ask permission from someone else, and in this respect, even though this mechanism is part of the Web, I would argue that it is profoundly un-webby. Google’s proposal for Installable Web Applications associates an application’s identity with a public key that doesn’t require a blessing from any kind of authority; all versions of the application are self-signed by the key, which makes it far easier to establish trust between a user and an application. The trust model is also more granular and secure, because it creates a trust relationship between the user and the particular application they’re using, rather than the server they’re connecting to—which often isn’t even under a web developer’s full control. It’s because of this that we’re using a similar mechanism in Jetpack; extending it to the entire Web would be very webby, not coincidentally because it establishes a foundation for what could eventually become a web of trust.

I am really enjoying the conversations and thoughts that have come out of the strong competition from proprietary app platforms.

It feels like the scale of our movement has changed from infighting (Gecko vs. WebKit vs. Trident) to collective war (Web vs. proprietary app platforms). The Google folks who believe in the Web (Chrome++) are more aligned to what we are doing at Palm, and what Mozilla is doing…. than the Android platform. Ditto for Safari/iPhone.

The world keeps getting more interesting. The browsers have strong competition internally, and now the platform has competition.

Posted by Dion Almaer at 1:35 pm

4 rating from 2 votes


Comments feed TrackBack URI

It think it strange for google to create a closed web app store. Instead the cold have created a standard for app bundeling and discovery so that each website can host it’s own web apps. Google is good at indexing the web and it should do the same for apps, if each website can expose it’s apps to the browser the browser could detect that and present the user with an option (like the new authentication work at mozilla) to install/buy it. Payment could also be standardized so that the browser knows your preferred payment methods and that one click buying of apps is universal and open for all. This scenario would allow anyone to create a web app store by crawling the web for apps and would fit in way better with the current user experience of the web.

Comment by eli — May 27, 2010

I think part of the problem in getting web apps available offline (like in the example of the single player game) is the revenue stream. For example, I run several gaming sites that are ad-supported, and there isn’t currently a good way to monetize offline content using ads (at least not that I know of).

Comment by zulugrid — May 27, 2010

Before jumping to conclusions, Google’s spec is required reading:

These apps are really more like extensions. For now, they’re installed the same way as extensions. Probably because there is no web store yet. Which explains why they decided to create a manifest file that looks pretty similar to the extension format. I wouldn’t be surprised if this changed big time as things got moving. I see no reason why down the road we can’t have a simple meta tag pointing to a manifest file where all the web stores on the web (including google’s) simply pick it up and automatically add it. I wouldn’t be surprised if they eventually dump their spec and go with Apple’s too:

Things are just getting started.

Comment by MaratDenenberg — May 27, 2010

Looks like a dev from google addressed some of the stuff here:

Comment by MaratDenenberg — May 27, 2010

Leave a comment

You must be logged in to post a comment.