Widgets 1.0: Digital Signatures

Hi, apologies for the late comments.

I hope all of my comments are of an editorial nature. The only one
that might not be is the last one which is a question.

http://dev.w3.org/2006/waf/widgets-digsig/

-----

I'm aware this is non normative:

1.4 Example


  <CanonicalizationMethod
   Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
  <SignatureMethod
   Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

but..do we want to be consistent about trailing spaces before /> ?
-----

there are tabs here, which is inconsistent with the rest of the example:
 <KeyInfo>
	<X509Data>
	 <X509Certificate>...</X509Certificate>
	</X509Data>
 </KeyInfo>

-----
4 Locating and Processing Digital Signatures for the Widget

3.

If the signatures list is not empty, sort the list of signatures by
the file name field in ascending numerical order (e.g. signature1.xml
followed by signature2.xml followed by signature3.xml etc).

In Safari 4 beta, the paragraph has a blank paragraph between it and
the 3. number, this differs from 6.

-----
If the signatures list is not empty, sort the list of signatures by
the file name field in ascending numerical order (e.g. signature1.xml
followed by signature2.xml followed by signature3.xml etc).

change "xml etc" to "xml, etc."

-----
7.1 Common Constraints for Signature Generation and Validation

4. Every Signature Property required by this specification MUST be
incorporated into the signature as follows:

b. A widget signature MUST include a ds:Object element within the
ds:Signature element. This ds:Object element MUST have an Id attribute
that is referenced by a ds:Reference element within the signature
ds:SignedInfo element.

Why is "Id" written in mixed case?

-----

Received on Thursday, 4 June 2009 13:31:24 UTC