W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

widgets 1.0 requirements suggestion

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Thu, 12 Feb 2009 07:33:46 -0500
Message-Id: <5460D900-A90B-4481-AC95-9A2DAAB59867@nokia.com>
To: public-webapps <public-webapps@w3.org>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>

I have an additional suggested revision to the Widgets 1.0  
Requirements, dated 28 January [1]:

(1) R44. Signature Document Format
http://dev.w3.org/2006/waf/widgets-reqs/#r44.-signature-document-format

I suggest some changes to clarify to capture the intent that Mark  
noted [2].

(1a) Replace "used independently" with "conveyed independently"

(1b) Add after:
"A conforming specification SHOULD provide guidelines for how any  
digital signature can be used separately from a widget resource."

the following

"An example of such use is to perform certificate chain validation and  
other checks related to the signature key information, without  
necessarily validating the referenced widget content at that time.  
Risks associated with separating time of verification and validation  
steps may need consideration."


regards, Frederick

Frederick Hirsch
Nokia

[1] http://dev.w3.org/2006/waf/widgets-reqs/

[2] http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0056.html
Received on Thursday, 12 February 2009 12:34:56 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:30 GMT