
Re: Proposal for ISSUE-83

From: Arthur Barstow <Art.Barstow@nokia.com>
Date: Wed, 22 Apr 2009 18:04:48 -0400
Message-Id: <1587483F-FD9D-4BB1-B41C-55953EC3B845@nokia.com>
Cc: public-webapps <public-webapps@w3.org>
To: Marcos Caceres <marcosc@opera.com>, Mark Priestley <Mark.Priestley@vodafone.com>, "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>
A shorter counter-proposal below ...

On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote:

> On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch
> <frederick.hirsch@nokia.com> wrote:
>> ISSUE-83 states:
>> Instantiated widget should not be able to read digital signature
>> http://www.w3.org/2008/webapps/track/issues/83
>>
>> The following is a proposal of text to add to P&C to address this issue,
>> based on text from Marcos and adding the notion of allowing policy and
>> access control mechanisms to be used:
>>
>> "Where a user agent that implements this specification interacts with
>> implementations of other specifications, this user agent MUST deny other
>> implementations access to digital signature documents unless an access
>> control mechanism is in place to enable access according to policy. The
>> definition of such a policy mechanism is out of scope of this
>> specification, but may be defined to allow access to all or parts of the
>> signature documents, or deny any such access. An exception is if a user
>> agent that implements this specification also implements the OPTIONAL
>> [Widgets-DigSig] specification, in which case the user agent MUST make
>> signature documents available to the implementation of the [Widgets-DigSig]
>> specification."
>
> Added under "Digital Signatures" section. If Mark is happy, then we
> should close this issue.

Proposed text:

[[
A user agent MUST prevent a widget from accessing the contents of
a digital signature document unless an access control mechanism
explicitly enables such access e.g. via an access control policy.
The definition of such a policy mechanism is out of scope of
this specification, but may be defined to allow access to all or
parts of the signature documents, or deny any such access.
]]

-Regards, Art Barstow
Received on Wednesday, 22 April 2009 22:06:05 GMT
