- From: Jere Kapyaho <jere.kapyaho@nokia.com>
- Date: Thu, 08 Jan 2009 18:08:03 +0200
- To: public-webapps <public-webapps@w3.org>
Hello, here is a small issue regarding how the term 'not required' is used in the Widgets Digital Signatures spec, in the 'Digital Signature Document Profile' section [1]. I think this remains even if the spec will refer to the XML Signature Syntax and Processing 1.1 spec. (<-- correct name? reference?) These phrases appear: - "A widget user agent is not required to support any other canonicalization method." - "A widget user agent is not required to support any other digest methods." - "A widget user agent is not required to support other certificate formats (e.g., PGP, SPKI, etc)." In the first two instances, 'not required' is formatted like RFC 2119 keywords [2]; in the third it is not. The problem seems to be that 'not required' is not an RFC 2119 keyword expression (even though 'required' is; this has tripped at least me before). Would the equivalent result be achieved if these statements said "a widget user agent MAY support other canonicalization methods" etc.? After all, the spec already defines the mandatory c14n, digest and certificate. --Jere [1] http://dev.w3.org/2006/waf/widgets-digsig/#digital [2] http://www.ietf.org/rfc/rfc2119.txt
Received on Thursday, 8 January 2009 16:09:27 UTC