Re: Proposal to update signature text in Packaging and Config, remove from Widget Signature from Marcos Caceres on 2009-05-01 (public-webapps@w3.org from April to June 2009)

From: Marcos Caceres <marcosc@opera.com>
Date: Fri, 1 May 2009 17:20:39 +0200
To: Frederick Hirsch <frederick.hirsch@nokia.com>
Cc: Web Applications Working Group WG <public-webapps@w3.org>, Arthur Barstow <art.barstow@nokia.com>
Message-ID: <b21a10670905010820t10da3004qaecd071cd06dfeb1@mail.gmail.com>

On Tue, Apr 28, 2009 at 12:13 AM, Marcos Caceres <marcosc@opera.com> wrote:
> I will make the changes below and change the style sheet to uppercase
> rfc2119 terms.

Ok, done.

> On Monday, April 27, 2009, Frederick Hirsch <frederick.hirsch@nokia.com> wrote:
>> I suggest the following
>>
>> remove from widgets signature:
>> http://dev.w3.org/2006/waf/widgets-digsig/#use
>>
>> "A user agent MUST prevent a widget from accessing the contents of a
>> digital signature document unless an access control mechanism
>> explicitly enables such access, e.g. via a an access control policy.
>> The definition of such a policy mechanism is out of scope of this
>> specification, but may be defined to allow access to all or parts of
>> the signature documents, or deny any such access."
>>
>> change packaging and config,
>> http://dev.w3.org/2006/waf/widgets/#digital-signatures
>>
>> replace 2nd paragraph which is currently
>>
>> "Where a user agent that implements this specification interacts with
>> implementations of other specifications, this user agent must deny
>> other implementations access to digital signature documents unless an
>> access control mechanism is in place to enable access according to
>> policy. The definition of such a policy mechanism is out of scope of
>> this specification, but may be defined to allow access to all or parts
>> of the signature documents, or deny any such access. An exception is
>> if a user agent that implements this specification also implements the
>> optional [Widgts-DigSig] specification, in which case the user agent
>> must make signature documents available to the implementation of the
>> [Widgets-DigSig]specification."
>>
>> with this
>>
>> "A user agent MUST prevent a widget from accessing the contents of a
>> digital signature document unless an access control mechanism
>> explicitly enables such access, e.g. via a an access control policy.
>> The definition of such a policy mechanism is out of scope of this
>> specification, but may be defined to allow access to all or parts of
>> the signature documents, or deny any such access. An exception is if a
>> user agent that implements this specification also implements the
>> optional [Widgts-DigSig] specification, in which case the user agent
>> must make signature documents available to the implementation of the
>> [Widgets-DigSig] specification."
>>
>>
>> this is to adopt Art's simplified proposal
>>
>> By the way I really think P&C should use  uppercase MUSTs etc.
>>
>>
>> regards, Frederick
>>
>> Frederick Hirsch
>> Nokia
>>
>>
>>
>>
>>
>
> --
> Marcos Caceres
> http://datadriven.com.au
>



-- 
Marcos Caceres
http://datadriven.com.au

Received on Friday, 1 May 2009 15:21:37 UTC