RE: Proposal for ISSUE-83 from Priestley, Mark, VF-Group on 2009-04-23 (public-webapps@w3.org from April to June 2009)

From: Priestley, Mark, VF-Group <Mark.Priestley@vodafone.com>
Date: Thu, 23 Apr 2009 09:07:26 +0200
To: <marcosc@opera.com>, "Arthur Barstow" <Art.Barstow@nokia.com>
Cc: "Hirsch Frederick (Nokia-CIC/Boston)" <Frederick.Hirsch@nokia.com>, "public-webapps" <public-webapps@w3.org>
Message-ID: <0BE18111593D8A419BE79891F6C4690902DA5E81@EITO-MBX01.internal.vodafone.com>

+1 for Art's shorter counter proposal 

Thanks,

Mark

-----Original Message-----
From: marcosscaceres@gmail.com [mailto:marcosscaceres@gmail.com] On Behalf Of Marcos Caceres
Sent: 23 April 2009 07:47
To: Arthur Barstow
Cc: Marcos Caceres; Priestley, Mark, VF-Group; Hirsch Frederick (Nokia-CIC/Boston); public-webapps
Subject: Re: Proposal for ISSUE-83

Also works for me.
Marcos
On Thursday, April 23, 2009, Arthur Barstow <Art.Barstow@nokia.com> wrote:
> A shorter counter-proposal below ...
>
> On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote:
>
>
> On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch 
> <frederick.hirsch@nokia.com> wrote:
>
> ISSUE-83 states:
> Instantiated widget should not be able to read digital signature
> http://www.w3.org/2008/webapps/track/issues/83
>
> The following is a proposal of text to add to P&C to address this 
> issue, based on text from Marcos and adding the notion of allowing 
> policy and access control mechanisms to be used:
>
> "Where a user agent that implements this specification interacts with 
> implementations of other specifications, this user agent MUST deny 
> other implementations access to digital signature documents unless an 
> access control mechanism is in place to enable access according to 
> policy. The definition of such a policy mechanism is out  of scope of 
> this specification, but may be defined to  allow access to all or 
> parts of the signature documents, or deny any such access. An 
> exception is if a user agent that implements this specification also 
> implements the OPTIONAL [Widgts-DigSig] specification, in which case 
> the user agent MUST make signature documents available to the 
> implementation of the [Widgets-DigSig] specification."
>
>
> Added under "Digital Signatures" section. If Mark is happy, then we 
> should close this issue.
>
>
> Proposed text:
>
> [[
> A user agent MUST prevent a widget from accessing the contents of a 
> digital signature document unless an access control mechanism 
> explicitly enables such access e.g. via an access control policy.
> The definition of such a policy mechanism is out of scope of this 
> specification, but may be defined to allow access to all or parts of 
> the signature documents, or deny any such access.
> ]]
>
> -Regards, Art Barstow
>
>
>
>

--
Marcos Caceres
http://datadriven.com.au

Received on Thursday, 23 April 2009 07:08:29 UTC