- From: Marcos Caceres <marcosscaceres@gmail.com>
- Date: Wed, 21 Sep 2011 12:34:39 +0200
- To: public-widgets-pag@w3.org
In regard to prior art for US-20070101433 (issued Patent #7,743,336), managed access to resources for applications (including device/application functions and content) is covered by a variety of standards and products going back to the 1990’s, including in the specific scope of the WARP spec (managed access to Web resources/content). From the detailed description, there may be overlap between US-20070101433 and US-20070101146 (application), and specifications for application security and deployed products such as the following: • Dec 6, 1998: Website “Netscape Object Signing Establishing Trust for Downloaded Software”, http://web.archive.org/web/19981206013607/http://developer.netscape.com/docs/manuals/signedobj/trust/index.htm • Nov 5, 2002: JSR-000118 Mobile Information Device Profile Specification 2.0 Final Release (Release: November 5, 2002): http://download.oracle.com/otn-pub/jcp/7121-midp-2.0-fr-spec-oth-JSpec/midp-2_0-fr-spec.pdf. See in particular Chapter 3 “Security for MIDP Applications” and Chapter 4 “Trusted MIDlet Suites using X.509 PKI” • March 1996: Release of Netscape Navigator 2.0, which included the “same-origin” policy for network access by Javascript applications: https://developer.mozilla.org/en/Bypassing_Security_Restrictions_and_Signing_Code. Netscape also supported the ability to bypass the same-origin policy (http://www.w3.org/Security/wiki/Same_Origin_Policy) using a Javascript API: netscape.security.PrivilegeManager.enablePrivilege(“UniversalBrowserRead”). The WARP spec defines a similar ability to bypass the same-origin restriction by declaring Web domains to be accessed by the application, in the widget manifest file. • Oct 18, 2004 (or before): “XML Security: Control information access with XACML”: http://www.ibm.com/developerworks/xml/library/x-xacml/
Received on Wednesday, 21 September 2011 10:35:10 UTC