On 2015-05-08 14:32, Frederick Hirsch wrote:
no objection, the referenced document is a Recommendation, isn't it?


This seems to be a rather theoretical discussion:



regards, Frederick

Frederick Hirsch

Chair XML Security WG


On May 8, 2015, at 7:14 AM, Arthur Barstow <art.bars...@gmail.com> wrote:

[ + Marcos and Frederick ]

Hi Andrew,

The group stopped working on XML Digital Signature for Widgets several years 
ago and there is no plan to resume work (except to process errata as required).

Marcos, Frederick - this spec's namespace document includes the following 


Implementers should be aware that this document is not stable.

Any objections from you or anyone else to remove this statement?

-Thanks, ArtB

On 5/7/15 5:55 AM, Andrew Twigger wrote:

ATSC and CEA are developing standards that include the ability to download 
digital signed applications. Their current specifications reference the W3C 
Recommendation for XML Digital Signature for Widgets (18 April 2013).  However, 
the associated Widgets Digital Signature Namespace 
(http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers 
should be aware that this document is not stable.” which has raised questions 
as to the stability and suitability of referencing Widget DigSig.  The 
alternative would be to reference XAdES with the C and T forms to allow for the 
inclusion of timestamp and certificate revocation information which are not 
included in Widget DigSig.

I would be pleased to receive any information regarding the stability of Widget 
DigSig and whether referencing XAdES would provide a better alternative.


Andrew Twigger

Reply via email to