W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: [BONDI Architecture & Security] [widgets] new digsig draft

From: Marcos Caceres <marcosc@opera.com>
Date: Thu, 26 Mar 2009 17:12:20 +0100
Message-ID: <b21a10670903260912u706be352y8ee73d8677554b96@mail.gmail.com>
To: Paddy Byers <paddy@aplix.co.jp>
Cc: "Hillebrand, Rainer" <Rainer.Hillebrand@t-mobile.net>, WebApps WG <public-webapps@w3.org>, otsi-arch-sec@omtplists.org
On Thu, Mar 26, 2009 at 4:29 PM, Paddy Byers <paddy@aplix.co.jp> wrote:
> Hi,
>> Agreed. Can we say "were signed with the same certificate" instead?
> I understood that Webapps had agreed to add a signature profile that
> designates a particular signature as the author signature - and where this
> is present it is possible to come up with appropriate precise wording as to
> whether or not two packages originate from the same author.

Well, that's basically what we have, but Rainer seems to imply that it
is impossible to do this. I think we get as close as we technically
can to achieving that goal. However, if that current solution is
inadequate, then please send us suggestions.

Marcos Caceres
Received on Thursday, 26 March 2009 16:13:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 20 October 2015 13:55:24 UTC