- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Wed, 17 Dec 2008 19:19:36 -0500
- To: public-webapps <public-webapps@w3.org>
- Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, Marcos Caceres <marcosscaceres@gmail.com>, VF-Group ext Priestley Mark <Mark.Priestley@vodafone.com>
Suggested changes to widgets signature Abstract: Change "Prior to instantiation, a widget user agent can use the digital signature to verify the authenticity and data integrity of the files in a widget resource. In the rare case where a widget damages the end- user's device, the digital signature may provide a user with legal recourse to prove that a widget resource was signed by a particular author or publisher." to "Prior to instantiation, a widget user agent can use the digital signature to verify the integrity of the widget resource, and validate the source of the resource, such as the author or publisher. This document summarizes how XML Signature and X.509 Certificate technologies may be used for integrity and source authentication of a widget resource, and notes compliance requirements on both widget resources and widget user agents." I would argue that legal issues related to a widget damaging a device are not central to this specification and need not be mentioned in the abstract, but that the purpose of the document should be. (Moreover a signature would only service as one aspect of a dispute resolution process). regards, Frederick Frederick Hirsch Nokia
Received on Thursday, 18 December 2008 00:20:41 UTC