W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

[widgets] Digsig optimization

From: Marcos Caceres <marcosc@opera.com>
Date: Fri, 27 Feb 2009 12:48:57 +0100
Message-ID: <b21a10670902270348o7b60d8f5qbaff260234974446@mail.gmail.com>
To: "public-webapps@w3.org WG" <public-webapps@w3.org>, Frederick Hirsch <frederick.hirsch@nokia.com>, "ext Priestley, Mark, VF-Group" <Mark.Priestley@vodafone.com>
Hi Frederick, Mark,
I have a concern wrt the author signature. It seems that both the
author signature and the distributor signature need to sign every file
in the package. Does this mean that, to verify a package, you would
need to effectively verify everything in the package twice? or is
verification of the author signature optional?

Kind regards,

Marcos Caceres
Received on Friday, 27 February 2009 11:49:40 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:14 UTC