- From: SUWIRYA Darmawan <Darmawan.SUWIRYA@gemalto.com>
- Date: Sun, 10 Nov 2013 00:36:24 +0100
- To: "public-sysapps@w3.org" <public-sysapps@w3.org>
- Message-ID: <1126F161F6F1B24FABD92B850CAFBD6E03868F9EBE3A@CROEXCFWP04.gemalto.com>
I think it's important to highlight and re-iterate the fact that whatever stated and proposed in this SE API draft is still an early draft version which is still subject to and open for many further discussion and review. I do NOT think SE API draft presumes anything about signed apps, and most importantly it does NOT mandate it. The intention is to merely referring and taking advantage of mechanism that is defined by Runtime and Security Model spec section 9.4 ( http://www.w3.org/TR/2013/WD-runtime-20130321/ ), which is then related to the post that is made by Claes recently ( http://lists.w3.org/Archives/Public/public-sysapps/2013Nov/0040.html ), as yet another additional protection - if needed and available. In term of security risk, SE API has exactly the same level of security risk and problematic as the rests of APIs defined in the SysApps. But being an SE, the good news is that it has some more additional embedded security protection to offer ( e.g. PIN, GP access control, secure messaging, etc. ). Thanks, Darmawan. ________________________________ This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
Received on Saturday, 9 November 2013 23:36:52 UTC