W3C home > Mailing lists > Public > public-device-apis@w3.org > September 2010

RE: Widgets - WARP, Widgets Updates and Digital Signatures

From: Nilsson, Claes1 <Claes1.Nilsson@sonyericsson.com>
Date: Wed, 8 Sep 2010 15:46:57 +0200
To: "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>, "public-device-apis@w3.org" <public-device-apis@w3.org>
CC: "nathan@webr3.org" <nathan@webr3.org>
Message-ID: <6DFA1B20D858A14488A66D6EEDF26AA32D5C1FB6CB@seldmbx03.corpusers.net>
Hi, 

Assuming I don't misunderstand the proposal/questions I would say:

* WARP: Might work for main browser context? 

* Digital Signatures for Widgets: I guess that using "Digital Signatures for Widgets" for normal web application running in the browser wouldn't work as this specification assumes signing of an installed package. For web applications running in main browser context the corresponding specification is xmldsig (http://www.w3.org/TR/xmldsig-core/), that makes it possible to sign defined parts of web content. However, as far as I know this specification has not been much implemented as it is considered complicated. Don't know any details.   

* Widgets Update: Don't see the meaning of this for browser context as this specification assumes an installed package. 

Regards
  Claes

> -----Original Message-----
> From: public-device-apis-request@w3.org [mailto:public-device-apis-
> request@w3.org] On Behalf Of Frederick.Hirsch@nokia.com
> Sent: den 7 september 2010 20:24
> To: public-device-apis@w3.org
> Cc: Frederick.Hirsch@nokia.com; nathan@webr3.org
> Subject: Fwd: Widgets - WARP, Widgets Updates and Digital Signatures
> 
> Forwarding with permission .
> 
> What do you think of this approach?
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> Begin forwarded message:
> 
> > From: ext Nathan <nathan@webr3.org>
> > Date: September 3, 2010 1:52:26 PM EDT
> > To: public-webapps <public-webapps@w3.org>
> > Subject: Widgets - WARP, Widgets Updates and Digital Signatures
> > Reply-To: "nathan@webr3.org" <nathan@webr3.org>
> >
> > Hi All,
> >
> > Simply wondering why WARP, Widgets Updates and Digital Signatures
> aren't
> > used to deploy js applications which run in the main browser context?
> > seems like a nice solution that would work webscale, and which would
> > provide further user security, identification of trusted apps and
> cover
> > the other half of CORS which is informing and protecting the user.
> >
> > Perhaps one of the vendors has already implemented in the main
> context?
> >
> > Best,
> >
> > Nathan
> >
> 
Received on Wednesday, 8 September 2010 13:47:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:14:12 GMT