- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Fri, 13 Feb 2009 23:26:26 +1000
- To: Frederick Hirsch <frederick.hirsch@nokia.com>
- Cc: public-webapps <public-webapps@w3.org>
Hi Frederick, 2009/2/12 Frederick Hirsch <frederick.hirsch@nokia.com>: > > I have an additional suggested revision to the Widgets 1.0 Requirements, dated 28 January [1]: > > (1) R44. Signature Document Format > http://dev.w3.org/2006/waf/widgets-reqs/#r44.-signature-document-format > > I suggest some changes to clarify to capture the intent that Mark noted [2]. > > (1a) Replace "used independently" with "conveyed independently" Done. > (1b) Add after: > "A conforming specification SHOULD provide guidelines for how any digital signature can be used separately from a widget resource." > > the following > > "An example of such use is to perform certificate chain validation and other checks related to the signature key information, without necessarily validating the referenced widget content at that time. Risks associated with separating time of verification and validation steps may need consideration." > Added. Kind regards, Marcos -- Marcos Caceres http://datadriven.com.au
Received on Friday, 13 February 2009 13:29:57 UTC