Re: Proposal to update signature text in Packaging and Config, remove from Widget Signature from Marcos Caceres on 2009-04-27 (public-webapps@w3.org from April to June 2009)

From: Marcos Caceres <marcosc@opera.com>
Date: Tue, 28 Apr 2009 00:13:01 +0200
To: Frederick Hirsch <frederick.hirsch@nokia.com>
Cc: Web Applications Working Group WG <public-webapps@w3.org>, Arthur Barstow <art.barstow@nokia.com>
Message-ID: <b21a10670904271513o16788345gb54858bfc7c8b447@mail.gmail.com>

I will make the changes below and change the style sheet to uppercase
rfc2119 terms.

On Monday, April 27, 2009, Frederick Hirsch <frederick.hirsch@nokia.com> wrote:
> I suggest the following
>
> remove from widgets signature:
> http://dev.w3.org/2006/waf/widgets-digsig/#use
>
> "A user agent MUST prevent a widget from accessing the contents of a
> digital signature document unless an access control mechanism
> explicitly enables such access, e.g. via a an access control policy.
> The definition of such a policy mechanism is out of scope of this
> specification, but may be defined to allow access to all or parts of
> the signature documents, or deny any such access."
>
> change packaging and config,
> http://dev.w3.org/2006/waf/widgets/#digital-signatures
>
> replace 2nd paragraph which is currently
>
> "Where a user agent that implements this specification interacts with
> implementations of other specifications, this user agent must deny
> other implementations access to digital signature documents unless an
> access control mechanism is in place to enable access according to
> policy. The definition of such a policy mechanism is out of scope of
> this specification, but may be defined to allow access to all or parts
> of the signature documents, or deny any such access. An exception is
> if a user agent that implements this specification also implements the
> optional [Widgts-DigSig] specification, in which case the user agent
> must make signature documents available to the implementation of the
> [Widgets-DigSig]specification."
>
> with this
>
> "A user agent MUST prevent a widget from accessing the contents of a
> digital signature document unless an access control mechanism
> explicitly enables such access, e.g. via a an access control policy.
> The definition of such a policy mechanism is out of scope of this
> specification, but may be defined to allow access to all or parts of
> the signature documents, or deny any such access. An exception is if a
> user agent that implements this specification also implements the
> optional [Widgts-DigSig] specification, in which case the user agent
> must make signature documents available to the implementation of the
> [Widgets-DigSig] specification."
>
>
> this is to adopt Art's simplified proposal
>
> By the way I really think P&C should use  uppercase MUSTs etc.
>
>
> regards, Frederick
>
> Frederick Hirsch
> Nokia
>
>
>
>
>

-- 
Marcos Caceres
http://datadriven.com.au

Received on Monday, 27 April 2009 22:13:48 UTC