W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: [widgets] Comments on Widget Signature update (was RE: Widget Signature update)

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Tue, 17 Mar 2009 15:33:42 -0400
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>, Thomas Roessler <tlr@w3.org>, "ext Priestley, Mark, VF-Group" <Mark.Priestley@vodafone.com>, WebApps WG <public-webapps@w3.org>
Message-Id: <18FC2F07-64DC-4031-9777-538EE995AD68@nokia.com>
To: ext Marcos Caceres <marcosc@opera.com>
Marcos

Rather than replicating this, which might be error prone and hard to  
maintain, perhaps Widget Signature should reference P & C for this.  
What do you think ?

regards, Frederick


On Mar 17, 2009, at 8:15 AM, ext Marcos Caceres wrote:

>
> Hi Frederick,
>
> On 3/17/09 1:01 PM, Frederick Hirsch wrote:
>> The latest draft includes the revised text from Thomas.
>>
>> Marcos, are you suggesting we add something more? It sounds like what
>> you are saying here, is that it should be a valid widget file. Isn't
>> that part of P&C checking? I'm not sure what it means to check that  
>> the
>> paths are "as secure as possible."
>
> You might want to check the following section of the P&C [1] and see  
> if
> it is usable in dig sigs. Given that the paths in the <reference>
> elements MUST be zip-relative-paths, the rules for checking the  
> validity
> of those paths may apply to the Widgets Dig Sig spec.
>
>
> [1] http://dev.w3.org/2006/waf/widgets/#zip-relative-paths
>

regards, Frederick

Frederick Hirsch
Nokia
Received on Tuesday, 17 March 2009 19:35:06 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:30 GMT