RE: [BONDI Architecture & Security] [widgets] new digsig draft

Dear Frederick,

I added my comments inline.

Best Regards,

Rainer

*************************************
T-Mobile International
Terminal Technology
Rainer Hillebrand
Head of Terminal Security
Landgrabenweg 151, D-53227 Bonn
Germany

+49 171 5211056 (My T-Mobile)
+49 228 936 13916 (Tel.)
+49 228 936 18406 (Fax)
E-Mail: rainer.hillebrand@t-mobile.net

http://www.t-mobile.net

-----Original Message----- 
> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com] 
> Sent: Friday, 27 March 2009 18:55
> To: Hillebrand, Rainer
> Cc: Frederick Hirsch; marcosc@opera.com; WebApps WG
> Subject: Re: [BONDI Architecture & Security] [widgets] new digsig draft
> 
> comments inline, thanks for reviewing this
> 
> 
> regards, Frederick
> 
> Frederick Hirsch
> Nokia
> 
> 
> 
> On Mar 27, 2009, at 1:26 PM, ext Hillebrand, Rainer wrote:
> 
> > 3. Section 7.3: "The set of acceptable trust anchors, and policy
> > decisions based on the signer's identity are established through a
> > security-critical out-of-band mechanism." I do not really understand
> > this sentence. This is not subject for the processing rules, isn't
> > it? What is an acceptable trust anchor? Are they really established
> > or may they be established?
> 
> knowing whom you can trust and how to establish that trust is out of
> scope.
> 

RH: Would you like to keep this sentence or delete it? I wonder whether we need to mention the potential use of the KeyInfo which is out-of-scope anyhow.

Received on Friday, 27 March 2009 18:01:11 UTC