Re: Proposal for ISSUE-83

On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch
<frederick.hirsch@nokia.com> wrote:
> ISSUE-83 states:
> Instantiated widget should not be able to read digital signature
> http://www.w3.org/2008/webapps/track/issues/83
>
> The following is a proposal of text to add to P&C to address this issue,
> based on text from Marcos and adding the notion of allowing policy and
> access control mechanisms to be used:
>
> "Where a user agent that implements this specification interacts with
> implementations of other specifications, this user agent MUST deny other
> implementations access to digital signature documents unless an access
> control mechanism is in place to enable access according to policy. The
> definition of such a policy mechanism is out  of scope of this
> specification, but may be defined to  allow access to all or parts of the
> signature documents, or deny any such access. An exception is if a user
> agent that implements this specification also implements the OPTIONAL
> [Widgts-DigSig] specification, in which case the user agent MUST make
> signature documents available to the implementation of the [Widgets-DigSig]
> specification."

Added under "Digital Signatures" section. If Mark is happy, then we
should close this issue.

Kind regards,
Marcos

-- 
Marcos Caceres
http://datadriven.com.au

Received on Tuesday, 21 April 2009 13:57:37 UTC