W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: [BONDI Architecture & Security] [widgets] new digsig draft

From: Marcos Caceres <marcosc@opera.com>
Date: Thu, 26 Mar 2009 17:12:20 +0100
Message-ID: <b21a10670903260912u706be352y8ee73d8677554b96@mail.gmail.com>
To: Paddy Byers <paddy@aplix.co.jp>
Cc: "Hillebrand, Rainer" <Rainer.Hillebrand@t-mobile.net>, WebApps WG <public-webapps@w3.org>, otsi-arch-sec@omtplists.org
On Thu, Mar 26, 2009 at 4:29 PM, Paddy Byers <paddy@aplix.co.jp> wrote:
> Hi,
>
>> Agreed. Can we say "were signed with the same certificate" instead?
>
> I understood that Webapps had agreed to add a signature profile that
> designates a particular signature as the author signature - and where this
> is present it is possible to come up with appropriate precise wording as to
> whether or not two packages originate from the same author.

Well, that's basically what we have, but Rainer seems to imply that it
is impossible to do this. I think we get as close as we technically
can to achieving that goal. However, if that current solution is
inadequate, then please send us suggestions.

-- 
Marcos Caceres
http://datadriven.com.au
Received on Thursday, 26 March 2009 16:13:15 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:30 GMT