W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: [widget-digsig] changed widget signature files processing rule in section 4

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Thu, 19 Mar 2009 10:24:33 -0400
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>, WebApps WG <public-webapps@w3.org>
Message-Id: <9205C8C0-C4C9-433E-BDBE-CE92B929F0E2@nokia.com>
To: "ext Priestley, Mark, VF-Group" <Mark.Priestley@vodafone.com>
I think the current text is clearer since it make clear which  
direction to process the list, which would be ambiguous otherwise.

regards, Frederick

Frederick Hirsch
Nokia



On Mar 19, 2009, at 9:40 AM, ext Priestley, Mark, VF-Group wrote:

> Hi Frederick,
>
> Small comment. I would change the sentence:
>
> "Process the digital signatures in the signatures list in descending  
> order, with distributor signatures first."
>
> to
>
> "Process the digital signatures in the signatures list in list order  
> starting with the first file-entry." or something similar
>
> (They should already be in descending order, with distributor  
> signatures first, as list has been sorted in previous steps.)
>
> Thanks,
>
> Mark
>
>
>
> From: public-webapps-request@w3.org [mailto:public-webapps-request@w3.org 
> ] On Behalf Of Frederick Hirsch
> Sent: 18 March 2009 21:07
> To: WebApps WG
> Cc: Frederick Hirsch
> Subject: [widget-digsig] changed widget signature files processing  
> rule in section 4
>
> I have updated the latest Widget Signature editors draft section 4  
> (locating and processing digital signatures) to no longer require  
> the first signature to be processed.
>
> http://dev.w3.org/2006/waf/widgets-digsig/#locating-signatures
>
> The language is now (numbering ok in draft):
>
> 	
> Process the digital signatures in the signatures list in descending  
> order, with distributor signatures first.
>
> The decision of which (if any) distributor signatures are to be  
> validated and whether the author     signature is validated is out  
> of scope of this specification. This may be determined by the  
> Security Policy used by the user agent.
>
> The ordering by widget file name can be used to allow consistent  
> processing and possible optimization.
>
> 	 Every signature that is validated MUST be validated according to  
> Signature Validation defined in this specification.
> Please indicate any comment or correction.
>
> The latest draft also changes all usage of "widget user agent" to  
> "user agent".
>
> regards, Frederick
>
> Frederick Hirsch
> Nokia
>
>
> On Mar 16, 2009, at 4:46 PM, ext Priestley, Mark, VF-Group wrote:
>
>> [mp] My view is that whether zero, one or more signatures is  
>> processed
>> is up to the widget user agents security policy therefore we don't  
>> need
>> to say anything about which signatures (if any) must be processed.  
>> The
>> purpose of sorting the distributor signatures into ascending order  
>> is to
>> allow some optimisation of signature processing under certain
>> conditions. Maybe good to further clarify - I can try and come up  
>> with
>> something if you'd like (and of course if you agree)?
>
>
>
>
>
Received on Thursday, 19 March 2009 14:26:05 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:30 GMT