W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2009

Re: [BONDI Architecture & Security] [widgets] new digsig draft

From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
Date: Fri, 27 Mar 2009 14:03:22 -0400
Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>, "marcosc@opera.com" <marcosc@opera.com>, WebApps WG <public-webapps@w3.org>
Message-Id: <54454500-1C5D-4B99-9593-3A85D14C6CF9@nokia.com>
To: "ext Hillebrand, Rainer" <Rainer.Hillebrand@t-mobile.net>
I think we should remove it.

Also, I revised the e.g. as follows

... undesireable and security relevant effects, such as overwriting of  
startup or system files.

regards, Frederick

Frederick Hirsch
Nokia



On Mar 27, 2009, at 2:00 PM, ext Hillebrand, Rainer wrote:

> Dear Frederick,
>
> I added my comments inline.
>
> Best Regards,
>
> Rainer
>
> *************************************
> T-Mobile International
> Terminal Technology
> Rainer Hillebrand
> Head of Terminal Security
> Landgrabenweg 151, D-53227 Bonn
> Germany
>
> +49 171 5211056 (My T-Mobile)
> +49 228 936 13916 (Tel.)
> +49 228 936 18406 (Fax)
> E-Mail: rainer.hillebrand@t-mobile.net
>
> http://www.t-mobile.net
>
> This e-mail and any attachment are confidential and may be  
> privileged. If you are not the intended recipient, notify the sender  
> immediately, destroy all copies from your system and do not disclose  
> or use the information for any purpose.
>
> Diese E-Mail inklusive aller Anhänge ist vertraulich und könnte  
> bevorrechtigtem Schutz unterliegen. Wenn Sie nicht der beabsichtigte  
> Adressat sind, informieren Sie bitte den Absender unverzüglich,  
> löschen Sie alle Kopien von Ihrem System und veröffentlichen Sie  
> oder nutzen Sie die Information keinesfalls, gleich zu welchem Zweck.
>
>
>>
>
>
> T-Mobile International AG
> Aufsichtsrat/ Supervisory Board: René Obermann (Vorsitzender/  
> Chairman)
> Vorstand/ Board of Management: Hamid Akhavan (Vorsitzender/  
> Chairman), Michael Günther, Lothar A. Harings, Katharina Hollender
> Handelsregister/Commercial Register Entry: Amtsgericht Bonn, HRB 12276
> Steuer-Nr./Tax No.: 205 / 5777/ 0518
> USt.-ID./VAT Reg.No.: DE189669124
> Sitz der Gesellschaft/ Corporate Headquarters: Bonn
>
>
>
>
> -----Original Message-----
>> From: Frederick Hirsch [mailto:frederick.hirsch@nokia.com]
>> Sent: Freitag, 27. März 2009 18:55
>> To: Hillebrand, Rainer
>> Cc: Frederick Hirsch; marcosc@opera.com; WebApps WG
>> Subject: Re: [BONDI Architecture & Security] [widgets] new
>> digsig draft
>>
>> comments inline, thanks for reviewing this
>>
>>
>> regards, Frederick
>>
>> Frederick Hirsch
>> Nokia
>>
>>
>>
>> On Mar 27, 2009, at 1:26 PM, ext Hillebrand, Rainer wrote:
>>
>>> 3. Section 7.3: "The set of acceptable trust anchors, and policy
>>> decisions based on the signer's identity are established through a
>>> security-critical out-of-band mechanism." I do not really
>> understand
>>> this sentence. This is not subject for the processing rules, isn't
>>> it? What is an acceptable trust anchor? Are they really
>> established
>>> or may they be established?
>>
>> knowing  whom you can trust and how to establish that trust
>> is out of
>> scope.
>>
>
> RH: Would you like to keep this sentence or delete it? I wonder  
> whether we need to mention the potential use of the KeyInfo which is  
> out-of-scope anyhow.
Received on Friday, 27 March 2009 18:04:58 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:30 GMT