- From: Frederick Hirsch <Frederick.Hirsch@nokia.com>
- Date: Wed, 18 Mar 2009 17:06:35 -0400
- To: WebApps WG <public-webapps@w3.org>
- Cc: Frederick Hirsch <Frederick.Hirsch@nokia.com>
- Message-Id: <1055722F-C87F-4ADC-81F9-C47A298EDE0E@nokia.com>
I have updated the latest Widget Signature editors draft section 4 (locating and processing digital signatures) to no longer require the first signature to be processed. http://dev.w3.org/2006/waf/widgets-digsig/#locating-signatures The language is now (numbering ok in draft): Process the digital signatures in the signatures list in descending order, with distributor signatures first. The decision of which (if any) distributor signatures are to be validated and whether the author signature is validated is out of scope of this specification. This may be determined by the Security Policy used by the user agent. The ordering by widget file name can be used to allow consistent processing and possible optimization. Every signature that is validated MUST be validated according to Signature Validation defined in this specification. Please indicate any comment or correction. The latest draft also changes all usage of "widget user agent" to "user agent". regards, Frederick Frederick Hirsch Nokia On Mar 16, 2009, at 4:46 PM, ext Priestley, Mark, VF-Group wrote: > [mp] My view is that whether zero, one or more signatures is processed > is up to the widget user agents security policy therefore we don't > need > to say anything about which signatures (if any) must be processed. The > purpose of sorting the distributor signatures into ascending order > is to > allow some optimisation of signature processing under certain > conditions. Maybe good to further clarify - I can try and come up with > something if you'd like (and of course if you agree)?
Received on Wednesday, 18 March 2009 21:07:22 UTC