- From: Arthur Barstow <Art.Barstow@nokia.com>
- Date: Wed, 22 Apr 2009 18:04:48 -0400
- To: Marcos Caceres <marcosc@opera.com>, Mark Priestley <Mark.Priestley@vodafone.com>, "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>
- Cc: public-webapps <public-webapps@w3.org>
A shorter counter-proposal below ... On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: > On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch > <frederick.hirsch@nokia.com> wrote: >> ISSUE-83 states: >> Instantiated widget should not be able to read digital signature >> http://www.w3.org/2008/webapps/track/issues/83 >> >> The following is a proposal of text to add to P&C to address this >> issue, >> based on text from Marcos and adding the notion of allowing policy >> and >> access control mechanisms to be used: >> >> "Where a user agent that implements this specification interacts with >> implementations of other specifications, this user agent MUST deny >> other >> implementations access to digital signature documents unless an >> access >> control mechanism is in place to enable access according to >> policy. The >> definition of such a policy mechanism is out of scope of this >> specification, but may be defined to allow access to all or parts >> of the >> signature documents, or deny any such access. An exception is if a >> user >> agent that implements this specification also implements the OPTIONAL >> [Widgts-DigSig] specification, in which case the user agent MUST make >> signature documents available to the implementation of the >> [Widgets-DigSig] >> specification." > > Added under "Digital Signatures" section. If Mark is happy, then we > should close this issue. Proposed text: [[ A user agent MUST prevent a widget from accessing the contents of a digital signature document unless an access control mechanism explicitly enables such access e.g. via an access control policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. ]] -Regards, Art Barstow
Received on Wednesday, 22 April 2009 22:06:05 UTC