[cors] Call for Consensus to publish new Working Draft; ends March 6

WebApps WG members, This is Call for Consensus to publish a new Working Draft of the CORS spec (with a new cors short-name): http://dev.w3.org/2006/waf/access-control/ Please respond by March 6 at the latest. As always, positive response is preferred and encouraged and silence will be

RE: Reminder: January 31 comment deadline for LCWD of Widgets 1.0: Packaging Configuration spec

Dear Marcos, I have some doubts that a secure transport of a widget resource is so important in case of a signed widget resource. I would agree with you that we currently do not know how a signature is considered because we do not have a security framework and security policies that would

Re: BONDI Candidate Release 1.0 - open for public comment until 9th of March 2009

David, Since many of WebApps' members are not familiar with OMTP and BONDI, I have a some first order process-related questions regarding the proposed Release Candidate (RC). I'll withhold other comments e.g spec forking, fragmentation, etc. for now. * Where can we find the process that

Re: Reminder: January 31 comment deadline for LCWD of Widgets 1.0: Packaging Configuration spec

Rainer, On Mon, Mar 2, 2009 at 2:01 PM, Hillebrand, Rainer rainer.hillebr...@t-mobile.net wrote: Dear Marcos, I have some doubts that a secure transport of a widget resource is so important in case of a signed widget resource. I would agree with you that we currently do not know how a

Re: Reminder: January 31 comment deadline for LCWD of Widgets 1.0: Packaging Configuration spec

On Mon, Mar 2, 2009 at 2:56 PM, Hillebrand, Rainer rainer.hillebr...@t-mobile.net wrote: Dear Marcos, In order to detect a man-in-the-middle-attack, a widget resource is signed, either by an author's certificate that I trust or by an author certificate and a distributor certificate that I

RE: Reminder: January 31 comment deadline for LCWD of Widgets 1.0: Packaging Configuration spec

Dear Marcos, I added my comments inline. Best Regards, Rainer * T-Mobile International Terminal Technology Rainer Hillebrand Head of Terminal Security Landgrabenweg 151, D-53227 Bonn Germany +49 171 5211056 (My T-Mobile) +49 228 936 13916 (Tel.) +49 228 936

Re: [cors] Call for Consensus to publish new Working Draft; ends March 6

On Mon, 02 Mar 2009 12:57:05 +0100, Arthur Barstow art.bars...@nokia.com wrote: WebApps WG members, This is Call for Consensus to publish a new Working Draft of the CORS spec (with a new cors short-name): http://dev.w3.org/2006/waf/access-control/ Please respond by March 6 at the

Additional Widgets 1.0 Digital Signatures updates

I have completed additional changes to the Widgets 1.0 Digital Signatures draft: http://dev.w3.org/2006/waf/widgets-digsig/ Redline of recent changes http://dev.w3.org/2006/waf/widgets-digsig/Overview-diff.html Additional changes include - change stylesheet to be for editors draft - rewrite

Re: [cors] Status

On Mon, 02 Mar 2009 20:20:52 +0900, Arthur Barstow art.bars...@nokia.com wrote: I think your proposals below [1] are reasonable. If you haven't done so already, please close the related issues and actions (or let me know if you want me to do so.). -Regards, Art Barstow [1]

Re: [WebIDL] On overloaded operations in an effective overload set

Hi Cameron, Thank you very much for the response. It's very nice for us to get your perspective. Do you have an opinion on how disambiguation should be performed for an ECMAScript value passed in to such an overloaded operation? I've chatted with several engineers and researchers about this.