
Re: Proposal for ISSUE-83

From: Marcos Caceres <marcosc@opera.com>
Date: Thu, 23 Apr 2009 08:47:04 +0200
Message-ID: <b21a10670904222347y5099caa4s61c6885f82b7c984@mail.gmail.com>
To: Arthur Barstow <Art.Barstow@nokia.com>
Cc: Marcos Caceres <marcosc@opera.com>, Mark Priestley <Mark.Priestley@vodafone.com>, "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>, public-webapps <public-webapps@w3.org>
Also works for me.
Marcos
On Thursday, April 23, 2009, Arthur Barstow <Art.Barstow@nokia.com> wrote:
> A shorter counter-proposal below ...
>
> On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote:
>
>
> On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch
> <frederick.hirsch@nokia.com> wrote:
>
> ISSUE-83 states:
> Instantiated widget should not be able to read digital signature
> http://www.w3.org/2008/webapps/track/issues/83
>
> The following is a proposal of text to add to P&C to address this issue,
> based on text from Marcos and adding the notion of allowing policy and
> access control mechanisms to be used:
>
> "Where a user agent that implements this specification interacts with
> implementations of other specifications, this user agent MUST deny other
> implementations access to digital signature documents unless an access
> control mechanism is in place to enable access according to policy. The
> definition of such a policy mechanism is out of scope of this
> specification, but may be defined to allow access to all or parts of the
> signature documents, or deny any such access. An exception is if a user
> agent that implements this specification also implements the OPTIONAL
> [Widgets-DigSig] specification, in which case the user agent MUST make
> signature documents available to the implementation of the [Widgets-DigSig]
> specification."
>
>
> Added under "Digital Signatures" section. If Mark is happy, then we
> should close this issue.
>
>
> Proposed text:
>
> [[
> A user agent MUST prevent a widget from accessing the contents of
> a digital signature document unless an access control mechanism
> explicitly enables such access e.g. via an access control policy.
> The definition of such a policy mechanism is out of scope of
> this specification, but may be defined to allow access to all or
> parts of the signature documents, or deny any such access.
> ]]
>
> -Regards, Art Barstow
>

-- 
Marcos Caceres
http://datadriven.com.au
Received on Thursday, 23 April 2009 06:47:51 GMT
