Re: [widgets] dig sig and requirements ready for pub!

The Identifier property is useful for audit and management in the  
backend.  I believe this should remain in the specification and should  
remain a normative section, agreeing with Thomas note in the chat. It  
was added based on requirements from WG members.

Thomas mentioned in the chat the means to obtain unique values, e.g.  
large random number, serial number + DNS  etc, but I think this can be  
out of scope of the spec.

Currently the specification states
Each widget signature MUST contain a dsp:Identifier signature  
properties element compliant with XML Signature Properties [XMLDSIG- 
Properties] and this specification.

We can add, "A signer MUST place the dsp:Identifier signature property  
into the signature when generating the signature." if necessary.

regards, Frederick

Frederick Hirsch
Nokia



On May 4, 2009, at 9:38 AM, Barstow Art (Nokia-CIC/Boston) wrote:

> Kai - this is a good question.
>
> Frederick - we (MC, TLR and I) talked about this in IRC today. Please
> take a look and let us know your thoughts:
>
>  <http://krijnhoetmer.nl/irc-logs/webapps/20090504>
>
> -Regards, Art Barstow
>
>
> On May 1, 2009, at 6:49 AM, ext Kai Hendry wrote:
>
>> http://dev.w3.org/2006/waf/widgets-digsig/#identifier-signature-
>> property
>>
>> I'm not sure what "signature management" is exactly, though can
>> someone please inform me what a UA is supposed to do with
>> dsp:Identifier?
>>
>>
>> I'm also keen on seeing a simple self sign sign/verify example using
>> http://www.aleksey.com/xmlsec/ or some other opensource tool.
>>
>>
>> Kind regards,
>>
>

Received on Monday, 4 May 2009 14:15:56 UTC