Also works for me. Marcos On Thursday, April 23, 2009, Arthur Barstow <[email protected]> wrote: > A shorter counter-proposal below ... > > On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: > > > On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch > <[email protected]> wrote: > > ISSUE-83 states: > Instantiated widget should not be able to read digital signature > http://www.w3.org/2008/webapps/track/issues/83 > > The following is a proposal of text to add to P&C to address this issue, > based on text from Marcos and adding the notion of allowing policy and > access control mechanisms to be used: > > "Where a user agent that implements this specification interacts with > implementations of other specifications, this user agent MUST deny other > implementations access to digital signature documents unless an access > control mechanism is in place to enable access according to policy. The > definition of such a policy mechanism is out of scope of this > specification, but may be defined to allow access to all or parts of the > signature documents, or deny any such access. An exception is if a user > agent that implements this specification also implements the OPTIONAL > [Widgts-DigSig] specification, in which case the user agent MUST make > signature documents available to the implementation of the [Widgets-DigSig] > specification." > > > Added under "Digital Signatures" section. If Mark is happy, then we > should close this issue. > > > Proposed text: > > [[ > A user agent MUST prevent a widget from accessing the contents of > a digital signature document unless an access control mechanism > explicitly enables such access e.g. via an access control policy. > The definition of such a policy mechanism is out of scope of > this specification, but may be defined to allow access to all or > parts of the signature documents, or deny any such access. > ]] > > -Regards, Art Barstow > > > >
-- Marcos Caceres http://datadriven.com.au
