widgets 1.0 requirements suggestion

I have an additional suggested revision to the Widgets 1.0  
Requirements, dated 28 January [1]:

(1) R44. Signature Document Format
http://dev.w3.org/2006/waf/widgets-reqs/#r44.-signature-document-format

I suggest some changes to clarify to capture the intent that Mark  
noted [2].

(1a) Replace "used independently" with "conveyed independently"

(1b) Add after:
"A conforming specification SHOULD provide guidelines for how any  
digital signature can be used separately from a widget resource."

the following

"An example of such use is to perform certificate chain validation and  
other checks related to the signature key information, without  
necessarily validating the referenced widget content at that time.  
Risks associated with separating time of verification and validation  
steps may need consideration."


regards, Frederick

Frederick Hirsch
Nokia

[1] http://dev.w3.org/2006/waf/widgets-reqs/

[2] http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0056.html

Received on Thursday, 12 February 2009 12:34:56 UTC