Marcos
Rather than replicating this, which might be error prone and hard to
maintain, perhaps Widget Signature should reference P & C for this.
What do you think ?
regards, Frederick
On Mar 17, 2009, at 8:15 AM, ext Marcos Caceres wrote:
Hi Frederick,
On 3/17/09 1:01 PM, Frederick Hirsch wrote:
The latest draft includes the revised text from Thomas.
Marcos, are you suggesting we add something more? It sounds like what
you are saying here, is that it should be a valid widget file. Isn't
that part of P&C checking? I'm not sure what it means to check that
the
paths are "as secure as possible."
You might want to check the following section of the P&C [1] and see
if
it is usable in dig sigs. Given that the paths in the <reference>
elements MUST be zip-relative-paths, the rules for checking the
validity
of those paths may apply to the Widgets Dig Sig spec.
[1] http://dev.w3.org/2006/waf/widgets/#zip-relative-paths
regards, Frederick
Frederick Hirsch
Nokia