W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

[widgets-digsig] Editors Draft update and open issues

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Mon, 16 Mar 2009 10:35:39 -0400
Message-Id: <63D5F223-471C-44DF-B520-CFF5BD24443C@nokia.com>
To: WebApps WG <public-webapps@w3.org>
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>
I have updated the Widgets Signature editors draft [1] according to  
the following, please review the changes:

1) Added ABNF update


See section 1.2, 5.2, 5.3 and References

2) Added ds:Reference constraint


See section 5.1 and References.

3) Clarified and updated security considerations text


See section 8.

4) Misc editorial cleanup


Security considerations as noted for 3, and clear editorial comments.


The following issues are still open (see message 743):

a) Remove "Only the first distributor signature MUST be processed." ?

I think I agree that Widgets Signature should be silent on this. if  
so, where is this going to be noted?
Agreement to remove?

b) Remove DSAwithSHA1 requirement? Status of requirement R47 (Section  
" Support for Multiple Signature Algorithms: DSA-SHA-1, RSA-SHA-1, DSA- 
SHA-256 and RSA-SHA-256."

c) I suggest removing the restatement of algorithm requirements in  
section 7.1 , specifically remove #5a and #5b.

Are there any other changes needed that we are aware of?


regards, Frederick

Frederick Hirsch

[1] http://dev.w3.org/2006/waf/widgets-digsig/
Received on Monday, 16 March 2009 14:45:15 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 February 2015 14:36:33 UTC