- From: Frederick Hirsch <frederick.hirsch@nokia.com>
- Date: Fri, 19 Dec 2008 15:05:53 -0500
- To: Frederick Hirsch <frederick.hirsch@nokia.com>
- Cc: public-webapps <public-webapps@w3.org>, Marcos Caceres <marcosscaceres@gmail.com>, VF-Group ext Priestley Mark <Mark.Priestley@vodafone.com>
I have updated the Editors Draft of Widgets Digital Signatures with the revised abstract and the URI for RSA-SHA256. regards, Frederick Frederick Hirsch Nokia On Dec 17, 2008, at 7:19 PM, Frederick Hirsch wrote: > Suggested changes to widgets signature Abstract: > > Change > > "Prior to instantiation, a widget user agent can use the digital > signature to verify the authenticity and data integrity of the files > in a widget resource. In the rare case where a widget damages the > end-user's device, the digital signature may provide a user with > legal recourse to prove that a widget resource was signed by a > particular author or publisher." > > to > > "Prior to instantiation, a widget user agent can use the digital > signature to verify the integrity of the widget resource, and > validate the source of the resource, such as the author or > publisher. This document summarizes how XML Signature and X.509 > Certificate technologies may be used for integrity and source > authentication of a widget resource, and notes compliance > requirements on both widget resources and widget user agents." > > I would argue that legal issues related to a widget damaging a > device are not central to this specification and need not be > mentioned in the abstract, but that the purpose of the document > should be. (Moreover a signature would only service as one aspect of > a dispute resolution process). > > regards, Frederick > > Frederick Hirsch > Nokia > > >
Received on Friday, 19 December 2008 20:06:43 UTC