- From: Laura Arribas via cvs-syncmail <cvsmail@w3.org>
- Date: Wed, 09 Jun 2010 13:48:33 +0000
- To: public-dap-commits@w3.org
Update of /sources/public/2009/dap/policy
In directory hutz:/tmp/cvs-serv14455
Modified Files:
Framework.html
Log Message:
Further editorial changes (mostly typos and format)
Index: Framework.html
===================================================================
RCS file: /sources/public/2009/dap/policy/Framework.html,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- Framework.html 4 Jun 2010 07:09:06 -0000 1.3
+++ Framework.html 9 Jun 2010 13:48:31 -0000 1.4
@@ -92,7 +92,7 @@
the features and the device capabilities exposed by them) are generic, and are
not themselves dependent on any particular set of JavaScript APIs. This
model envisages that these controls apply, irrespective of whether the APIs in
- use are defined by DAP or any independent entity. <!-- This “layering” of
+ use are defined by DAP or any independent entity. <!-- This "layering” of
JavaScript APIs and mediating access control is illustrated in the figure below. -->
</p>
<section id="trust-domain-control-layer">
@@ -351,7 +351,7 @@
<h3>Subject Attributes</h3>
<p> A <strong><em><a id="subject">subject</a></em></strong> corresponds to an entity that may attempt
security-relevant actions and corresponds to a single
- “identity”. (In practice, some web applications might
+ "identity". (In practice, some web applications might
have multiple identities – for example is a widget
resource is signed by multiple signers – but for the
purposes of this model, each access control query is
@@ -361,7 +361,7 @@
class determines which attributes are available; other
attributes have the undefined value. </p>
<p> All <strong><em>subject attributes</em></strong> are determined for the applicable
- application Execution Phases: widget-install, widget-instantiate.</p>
+ application execution phases: widget-install, widget-instantiate.</p>
<section id="widget-resource-identity">
<h4>Widget Resource Identity</h4>
<p> The widget identity type applies to all operations
@@ -377,23 +377,23 @@
scope="col">Attribute</th> <th scope="col">Type</th> <th
scope="col">Value</th> </tr> </thead> <tbody> <tr>
<td>class</td> <td>string</td> <td>This has the value
- “widget” if and only if the subject is a widget.</td>
+ "widget" if and only if the subject is a widget.</td>
</tr> <tr> <td>install-uri</td> <td>URI</td> <td>The URI
that the widget resource was originally retrieved from
before installation, if known, otherwise the empty
bag.</td> </tr> <tr> <td>id</td> <td>URI</td> <td>The
- identity of the widget. For a W3C widget specification
- compliant widget resource, this is the value of the id
- attribute of the <widget> element in the widget
+ identity of the widget. For a W3C widget specification [[!WIDGETS]]
+ compliant widget resource, this is the value of the <code>id</code>
+ attribute of the <code>widget</code> element in the widget
configuration document converted from IRI to URI based
- on RFC3987. In this case, it is a URI that uniquely
- identifies the widget. Empty bag if there is no id
+ on RFC3987 [[!IRI]]. In this case, it is a URI that uniquely
+ identifies the widget. Empty bag if there is no <code>id</code>
attribute.</td> </tr> <tr> <td>version</td>
<td>string</td> <td>Version of the widget resource. For
a W3C widget specification compliant widget resource,
- this is the version attribute of the <widget> element in
- the widget Configuration Document. Empty bag if there is
- no version attribute.</td> </tr> <tr>
+ this is the <code>version</code> attribute of the <code>widget</code> element in
+ the widget configuration document. Empty bag if there is
+ no <code>version</code> attribute.</td> </tr> <tr>
<td>distributor-key-cn</td> <td>string</td> <td>The
common name of the end entity certificate for the
applicable widget resource distributor signature. Empty
@@ -425,9 +425,9 @@
certificate for the widget resource author signature.
Empty bag if none.</td> </tr> <tr>
<td>widget-attr:name</td> <td></td> <td>The value of the
- named attribute of the <widget> element whose type
+ named attribute of the <code>widget</code> element whose type
and value are set up in the widget configuration
- document for use in the DAP security framework. Empty
+ document for use in the security framework. Empty
bag if no such named attribute is defined.</td> </tr>
</tbody> </table>
</section> <!-- widget-resource-identity -->
@@ -435,42 +435,42 @@
<h4>Website Identity</h4>
<p> The website identity type applies to all operations
occurring in the execution of a remotely-hosted
- document, whether this is the top-level docment of the
+ document, whether this is the top-level document of the
website or is associated with some child browsing
context (such as an iframe). </p> <table border="1"
summary=""> <caption> <dfn
- id="widget-subject-attributes-table">Widget Subject
+ id="website-subject-attributes-table">Website Subject
Attributes Table</dfn></caption> <thead> <tr> <th
scope="col">Attribute</th> <th scope="col">Type</th> <th
scope="col">Value</th> <th scope="col">Meaning</th>
</tr> </thead> <tbody> <tr> <td>class</td>
<td>string</td> <td>"website"</td> <td>Has the value
- “website” if and only if the subject is of this
+ "website" if and only if the subject is of this
class.</td> </tr> <tr> <td rowspan="4">sign-schema</td>
- <td rowspan="4">string</td> </tr> <tr> <td>** (empty
- string)</td> <td>Not signed</td> </tr> <tr>
- <td>“tls”</td> <td>The page was fetched using HTTPS and
+ <td rowspan="4">string</td> </tr> <tr> <td>"" (empty
+ string)</td> <td>Not signed.</td> </tr> <tr>
+ <td>"tls"</td> <td>The page was fetched using HTTPS and
the browser has verified that the site certificate’s
Common Name matches the host that the page was fetched
from, and it has already applied its own policies
regarding whether the root certificate is in an
acceptable trust domain.</td> </tr> <tr>
- <td>“tls-ev”</td> <td>As “tls”, and, additionally, the
+ <td>"tls-ev"</td> <td>As "tls", and, additionally, the
site certificate has an extended validation field and
the browser's internal policy allows that information to
- be passed to the DAP security framework.</td> </tr> <tr>
+ be passed to the security framework.</td> </tr> <tr>
<td>uri</td> <td>URI</td> <td colspan="2">The URI used
to access the document that embeds or refers to the
JavaScript code, corresponding to the window.location
property of the browsing context. In the case of that a
- Feature is accessed from a child browsing context (for
+ feature is accessed from a child browsing context (for
example from within a <iframe> within some outer
document), this attribute provides the location of the
child context.</td> </tr> <tr> <td>uri-top</td>
<td>URI</td> <td colspan="2">The URI used to access the
website that embeds or refers to the JavaScript code,
corresponding to the top.window property of the browsing
- context. In the case that the Feature is accessed from a
+ context. In the case that the feature is accessed from a
child browsing context (for example from within an
<iframe>), this attribute provides the location of
the top-level browsing context. If the current browsing
@@ -506,9 +506,8 @@
****)</td> <td>URI</td> <td>The IRI identifier of the
requested Feature converted to URI as per RFC3987
[[!IRI]].</td> <td>This uses the same naming scheme as
- in a widget's <feature> element. See Appendix A
- (*** change this ref ****). Determined for all
- applicable application Execution Phases.</td> </tr> <tr>
+ in a widget's <code>feature</code> element. Determined for all
+ applicable application execution phases.</td> </tr> <tr>
<td id="device-cap">device-cap</td> <td>string</td> <td>Device
capability being accessed, if any. Empty bag if
none</td> <td>See Appendix A (*** change this ref ***).
@@ -527,22 +526,22 @@
that the API implementation was originally retrieved
from before installation, if known, otherwise the empty
bag.</td> <td>Determined for all applicable application
- Execution Phases.</td> </tr> <tr>
+ execution phases.</td> </tr> <tr>
<td>feature-key-cn</td> <td>string</td> <td>The common
name of the end entity certificate for the signature
associated with the Feature implementation. Empty bag if
none.</td> <td>Determined for all applicable application
- Execution Phases.</td> </tr> <tr>
+ execution phases.</td> </tr> <tr>
<td>feature-key-root-cn</td> <td>string</td> <td>The
common name of the root certificate for the signature
associated with the Feature implementation. Empty bag if
none</td> <td>Determined for all applicable application
- Execution Phases.</td> </tr> <tr>
+ execution phases.</td> </tr> <tr>
<td>feature-key-root-fingerprint</td> <td>string</td>
<td>The fingerprint of the root certificate of the
signature associated with the Feature implementation.
Empty bag if none.</td> <td>Determined for all
- applicable application Execution Phases.</td> </tr> <tr>
+ applicable application execution phases.</td> </tr> <tr>
</tbody> </table>
</section> <!-- resource-attributes -->
<section id="environment-attributes">
@@ -558,10 +557,10 @@
</tr> </thead> <tbody> <tr> <td>roaming</td>
<td>string</td> <td>"national", "international", or
empty string</td> <td>Determined in the following
- Execution Phases:
+ execution phases:
<ul> <li>widget-instantiate</li>
<li>website-bind</li> <li>invoke</li> </ul>
- Undetermined in the following Execution Phases:
+ Undetermined in the following execution phases:
<ul> <li>widget-install</li> </ul>
</td> </tr> <tr> <td>bearer-type</td> <td>string</td>
<td>The type of the current network bearer over which a
@@ -571,10 +570,10 @@
served, if multiple networks are available). A
comma-separated list of one or more of the bearer types
given as examples in W3C DCO [[DCONTOLOGY]].</td>
- <td>Determined in the following Execution Phases:
+ <td>Determined in the following execution phases:
<ul> <li>widget-instantiate</li>
<li>website-bind</li> <li>invoke</li> </ul>
- Undetermined in the following Execution Phases:
+ Undetermined in the following execution phases:
<ul> <li>widget-install</li> </ul>
</td> </tr> </tbody> </table>
</section> <!-- environment-attributes -->
Received on Wednesday, 9 June 2010 13:48:38 UTC