W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2008

widgets signature abstract - proposed change

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Wed, 17 Dec 2008 19:19:36 -0500
Message-Id: <5AACF9E5-351E-4A6C-8463-960F688725B9@nokia.com>
To: public-webapps <public-webapps@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, Marcos Caceres <marcosscaceres@gmail.com>, VF-Group ext Priestley Mark <Mark.Priestley@vodafone.com>

Suggested changes to widgets signature Abstract:

Change

"Prior to instantiation, a widget user agent can use the digital  
signature to verify the authenticity and data integrity of the files  
in a widget resource. In the rare case where a widget damages the end- 
user's device, the digital signature may provide a user with legal  
recourse to prove that a widget resource was signed by a particular  
author or publisher."

to

"Prior to instantiation, a widget user agent can use the digital  
signature to verify the integrity of the widget resource, and validate  
the source of the resource, such as the author or publisher. This  
document summarizes how XML Signature and X.509 Certificate  
technologies may be used for integrity and source authentication of a  
widget resource, and notes compliance requirements on both widget  
resources and widget user agents."

I would argue that legal issues related to a widget damaging a device  
are not central to this specification and need not be mentioned in the  
abstract, but that the purpose of the document should be. (Moreover a  
signature would only service as one aspect of a dispute resolution  
process).

regards, Frederick

Frederick Hirsch
Nokia
Received on Thursday, 18 December 2008 00:20:41 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:29 GMT