I agree with what Thomas said as well. I suggest we think about whether we really need to change the specification since I read what is there as consistent with what Thomas wrote.

The intent is to flag a signature as an "author signature" - more detail is in my opinion in the same category as policy and other such important considerations, which we have not detailed in the specification.

regards, Frederick

Frederick Hirsch
Nokia



On Mar 26, 2009, at 5:06 PM, ext Marcin Hanclik wrote:

Hi,

I support this view.
In the whole design of various widget signatures it seems important that there is a list of signatures and from this list one is the distinguished one.
Naming of the signatures is not very important, I think.
The term "author" is not defined anywhere. It does not have to be a human being. Probably sooner or later (depending on the market) the author could be someone/some entity/something who/that takes the responsibility for what the widget actually does - as pointed out by Thomas - or who/that initiated some idea behind the widget's functionality.
What then are the distributor signatures for?
I assume some responsibility could also be assigned to them, but it is out of the scope of the standard that is to only cover the technical aspects. Verification of integrity and signature are one thing, and responsibilities are covered by other agreements. I understand that the author signature could also be used to honour the actual developer (a person) of the widget, but this seems to be just some principle in the business world.

Thanks.

Kind regards,
Marcin
________________________________________
From: [email protected] [[email protected]] On Behalf Of Thomas Roessler [[email protected]]
Sent: Thursday, March 26, 2009 7:05 PM
To: Hillebrand, Rainer
Cc: [email protected]; [email protected]; [email protected] ; [email protected]; [email protected]; [email protected]
Subject: Re: AW: Re: [BONDI Architecture & Security] [widgets] new digsig draft

What the author certificate lets you verify is whether a single party
is taking responsibility for two widgets.

There is indeed no *proof* of authorship here, but a statement that
the signer is willing to assume the blame for being the widget's
author.  Which is all we need, no?
--
Thomas Roessler, W3C  <[email protected]>







On 26 Mar 2009, at 19:00, Hillebrand, Rainer wrote:

Dear Frederick,

The intent is clear but the technical solution will only provide
confidence if you trust the owner of the author certificate. If you
trust the owner then it is very likely for you that a widget with
this author signature really comes from this author. However, there
is no technical relationship between the widget author and the owner
of the author certificate that you can technically verify.

Best Regards,

Rainer
---------------------------------------
Sent from my mobile device


----- Original Message -----
From: Frederick Hirsch <[email protected]>
To: ext Priestley, Mark, VF-Group <[email protected]>
Cc: Frederick Hirsch <[email protected]>; Hillebrand, Rainer; [email protected] <[email protected]>; [email protected] <[email protected]>; [email protected] <[email protected]>; [email protected] <[email protected]>
Sent: Thu Mar 26 18:34:57 2009
Subject: Re: [BONDI Architecture & Security] [widgets] new digsig draft

I think I disagree, since the intent *is* to identify the author, that
is the semantics, and this proposed change makes it less clear.

Of course we can argue whether or not you achieve that if you cannot
associate the signature with the author, but that is out of scope.


regards, Frederick

Frederick Hirsch
Nokia



On Mar 26, 2009, at 12:58 PM, ext Priestley, Mark, VF-Group wrote:

Hi All,

As the author signature was something I had a hand in creating let
me add my 2 pence worth.

Rainer is correct in that the author signature need not actually
come from the author of the widget. It comes from someone who claims
to be the widget's author. Whether you believe this claim depends on
how much you trust the signer.

In [1] the current text says:

[
The author signature can be used to determine:

 * the author of a widget,
 * that the integrity of the widget is as the author intended,
 * and whether two widgets came from the same author.
]

I would suggest changing this to:

[
The author signature can be used to:

 * authenticate the identity of the entity that added the author
   signature to the widget package,
 * confirm that no widget files have been modified, deleted or
   added since the generation of the author signature.

The author signature may be used to:
 * determine whether two widgets came from the same author.
]

The reason the last point is a may is as follows:

If two widgets contain author signatures that were created using the
same private key then we can say that the widgets were both signed
by someone who had access to that key. That would normally mean the
same entity (author, company, whatever). If the owner of that key
shares it with others then obviously this no longer is true.
However, this is the choice of the owner of the key - normally you
would not share your private key!

One additional point to add. We also define a distributor signature.
Distributor signatures cover the author signature. As such a
distributor signature may (depending on other factors) be making an
implicit statement that the distributor believes the owner of the
author signature to be the widget's author.

Any clearer?

Thanks,

Mark


[1] http://dev.w3.org/2006/waf/widgets-digsig/Overview.html
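
The comparison Mark describes above (whether two author signatures come from the same signer), sketched as an added example that is not part of the original thread or of the specification. It compares the certificate embedded in each package's author signature, which is only meaningful once each signature has been validated; the file name `author-signature.xml`, the helper names and the placeholder certificate bytes are assumptions made for this example.

```python
import base64
import hashlib
import io
import zipfile
import xml.etree.ElementTree as ET  # for untrusted packages prefer a hardened parser such as defusedxml

DS = "{http://www.w3.org/2000/09/xmldsig#}"
AUTHOR_SIG = "author-signature.xml"  # assumed name of the author signature file


def author_cert_fingerprint(package_bytes):
    """SHA-256 of the DER certificate in a package's author signature, or None."""
    with zipfile.ZipFile(io.BytesIO(package_bytes)) as z:
        if AUTHOR_SIG not in z.namelist():
            return None  # no author signature: nothing to compare
        root = ET.fromstring(z.read(AUTHOR_SIG))
    cert = root.find(f".//{DS}X509Certificate")
    if cert is None or not (cert.text or "").strip():
        return None
    der = base64.b64decode("".join(cert.text.split()))
    return hashlib.sha256(der).hexdigest()


def same_signer(pkg_a, pkg_b):
    """True only if both packages carry an author signature with the same certificate.

    This says "signed with the same certificate", i.e. by someone holding that
    key. It says nothing about who actually wrote the widget, and it must only
    be trusted after both signatures have been cryptographically validated.
    """
    fa, fb = author_cert_fingerprint(pkg_a), author_cert_fingerprint(pkg_b)
    return fa is not None and fa == fb


def make_package(cert_der=None):
    """Build a constructed in-memory widget package for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("config.xml", "<widget/>")
        if cert_der is not None:
            b64 = base64.b64encode(cert_der).decode()
            z.writestr(AUTHOR_SIG,
                       '<Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><KeyInfo>'
                       f"<X509Data><X509Certificate>{b64}</X509Certificate></X509Data>"
                       "</KeyInfo></Signature>")
    return buf.getvalue()


# Constructed placeholder bytes standing in for DER-encoded certificates.
CERT_1, CERT_2 = b"constructed-cert-one", b"constructed-cert-two"
```
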











T-Mobile International AG
Aufsichtsrat/ Supervisory Board: René Obermann (Vorsitzender/
Chairman)
Vorstand/ Board of Management: Hamid Akhavan (Vorsitzender/
Chairman), Michael Günther, Lothar A. Harings, Katharina Hollender
Handelsregister/Commercial Register Entry: Amtsgericht Bonn, HRB 12276
Steuer-Nr./Tax No.: 205 / 5777/ 0518
USt.-ID./VAT Reg.No.: DE189669124
Sitz der Gesellschaft/ Corporate Headquarters: Bonn




-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Hillebrand, Rainer
Sent: 26 March 2009 16:20
To: [email protected]; [email protected]
Cc: [email protected]; [email protected]
Subject: AW: Re: [BONDI Architecture & Security] [widgets] new digsig draft

Dear Marcos,

We cannot technically guarantee that the author signature
really comes from the widget's author. It is like having an
envelope with an unsigned letter. The envelope and the letter
can come from different sources even if the envelope has a signature.

Best Regards,

Rainer
---------------------------------------
Sent from my mobile device


----- Original Message -----
From: Marcos Caceres <[email protected]>
To: Paddy Byers <[email protected]>
Cc: Hillebrand, Rainer; WebApps WG <[email protected]>; [email protected] <[email protected]>
Sent: Thu Mar 26 17:12:20 2009
Subject: Re: [BONDI Architecture & Security] [widgets] new digsig draft

On Thu, Mar 26, 2009 at 4:29 PM, Paddy Byers <[email protected]> wrote:
Hi,

Agreed. Can we say "were signed with the same certificate" instead?

I understood that Webapps had agreed to add a signature profile that
designates a particular signature as the author signature - and where
this is present it is possible to come up with appropriate precise
wording as to whether or not two packages originate from the same author.

Well, that's basically what we have, but Rainer seems to imply
that it is impossible to do this. I think we get as close as
we technically can to achieving that goal. However, if that
current solution is inadequate, then please send us suggestions.

--
Marcos Caceres
http://datadriven.com.au









________________________________________

Access Systems Germany GmbH
Essener Strasse 5  |  D-46047 Oberhausen
HRB 13548 Amtsgericht Duisburg
Geschaeftsfuehrer: Michel Piquemal, Tomonori Watanabe, Yusuke Kanda

www.access-company.com
