RE: Proposal for ISSUE-83

+1 for Art's shorter counter proposal 

Thanks,

Mark

-----Original Message-----
From: marcosscaceres@gmail.com [mailto:marcosscaceres@gmail.com] On Behalf Of Marcos Caceres
Sent: 23 April 2009 07:47
To: Arthur Barstow
Cc: Marcos Caceres; Priestley, Mark, VF-Group; Hirsch Frederick (Nokia-CIC/Boston); public-webapps
Subject: Re: Proposal for ISSUE-83

Also works for me.
Marcos
On Thursday, April 23, 2009, Arthur Barstow <Art.Barstow@nokia.com> wrote:
> A shorter counter-proposal below ...
>
> On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote:
>
>
> On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch 
> <frederick.hirsch@nokia.com> wrote:
>
> ISSUE-83 states:
> Instantiated widget should not be able to read digital signature
> http://www.w3.org/2008/webapps/track/issues/83
>
> The following is a proposal of text to add to P&C to address this 
> issue, based on text from Marcos and adding the notion of allowing 
> policy and access control mechanisms to be used:
>
> "Where a user agent that implements this specification interacts with 
> implementations of other specifications, this user agent MUST deny 
> other implementations access to digital signature documents unless an 
> access control mechanism is in place to enable access according to 
> policy. The definition of such a policy mechanism is out  of scope of 
> this specification, but may be defined to  allow access to all or 
> parts of the signature documents, or deny any such access. An 
> exception is if a user agent that implements this specification also 
> implements the OPTIONAL [Widgts-DigSig] specification, in which case 
> the user agent MUST make signature documents available to the 
> implementation of the [Widgets-DigSig] specification."
>
>
> Added under "Digital Signatures" section. If Mark is happy, then we 
> should close this issue.
>
>
> Proposed text:
>
> [[
> A user agent MUST prevent a widget from accessing the contents of a 
> digital signature document unless an access control mechanism 
> explicitly enables such access e.g. via an access control policy.
> The definition of such a policy mechanism is out of scope of this 
> specification, but may be defined to allow access to all or parts of 
> the signature documents, or deny any such access.
> ]]
>
> -Regards, Art Barstow
>
>
>
>

--
Marcos Caceres
http://datadriven.com.au

Received on Thursday, 23 April 2009 07:08:29 UTC