- From: Marcos Caceres <marcosc@opera.com>
- Date: Mon, 14 Sep 2009 17:00:01 +0200
- To: Arthur Barstow <Art.Barstow@nokia.com>
- Cc: public-webapps <public-webapps@w3.org>
On Mon, Sep 14, 2009 at 1:33 PM, Arthur Barstow <Art.Barstow@nokia.com> wrote: > On Sep 13, 2009, at 1:06 PM, ext Marcos Caceres wrote: > >> On Fri, Sep 11, 2009 at 9:30 PM, Arthur Barstow <Art.Barstow@nokia.com> >> wrote: >>> >>>>> 10. Section 2: Initialization: I don't understand this sentence, which >>>>> when >>>>> shortened is effectively "The first run through X, prior to runtime.". >>>> >>>> How about: >>>> >>>> "When a user agent first runs a widget package through the Steps for >>>> Processing a Widget Package, as specified in the [Widgets-Packaging] >>>> specification, prior to runtime." >>>> >>>> That boils down to: >>>> >>>> When a user agent first runs a widget package through X, prior to >>>> runtime. >>> >>> I still can't parse/grok it but it's probably just me and I'll bug you >>> about >>> it in IRC (someday) :-). >>> >>> Perhaps part of the confusion is that "user agent" in the context of this >>> defintion is presumably a P&C user agent yet that qualification isn't >>> made >>> and the only reference to that definition is in Section 6.1 and in that >>> context the UA is the A&E UA. >> >> Yeah, you nailed it (well, section 4.1 Support of Other Specifications >> [1] kinda defined it). Reworked the definition of a UA to: >> >> [[ >> A user agent is a software implementation that supports: >> * The widget interface. >> * The [Widgets-Packaging] specification. >> * The [Widgets-URI] specification. >> * Storage areas. > > 1. In the updated definition of Initialization, make the "user agent" a link > to the definition of "user agent" in Section 4. done. >> It is optional for a user agent to support the widgets >> [Widgets-DigSig] specification. >> ]] > > Why did you add the DigSig text above and new DigSig paragraph below the > Note (Section 4)? This spec should focus exclusively on the A&E UA. The reason is that currently, the following text does not have a home: [[A user agent must prevent a browsing context of a widget from accessing (e.g., via scripts, CSS, HTML, etc.) the contents of a digital signature document unless an access control mechanism explicitly enables such access, e.g. via an access control policy. The definition of such a policy mechanism is beyond the scope this specification, but can be defined by implementers to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the optional [Widgets-DigSig] specification, in which case the user agent must make digital signature documents available only to the implementation of the [Widgets-DigSig] specification; a user agent must not make the digital signatures accessible to scripting or other content loading mechanisms, unless explicitly enabled by an access control mechanism.]] This spec seems like a good home for the text above (hence the optionality of widgets dig sig). -- Marcos Caceres http://datadriven.com.au
Received on Monday, 14 September 2009 15:01:01 UTC