To: marc...@opera.com; WebApps WG; otsi-arch-...@omtplists.org
Subject: RE: [BONDI Architecture Security] [widgets] new digsig draft
Hi,
One correction to what I wrote:
Instead of
a) Replace root of the archive with root of the widget
I would now suggest
a) Replace root of the archive with root
Sent: Thursday, March 26, 2009 8:42 PM
To: marc...@opera.com; WebApps WG; otsi-arch-...@omtplists.org
Subject: RE: [BONDI Architecture Security] [widgets] new digsig
draft
Hi,
One correction to what I wrote:
Instead of
a) Replace root of the archive with root of the widget
I would now
: Frederick Hirsch [mailto:frederick.hir...@nokia.com]
Sent: Friday, March 27, 2009 2:09 PM
To: Marcin Hanclik
Cc: Frederick Hirsch; marc...@opera.com Caceres; WebApps WG
Subject: Re: [BONDI Architecture Security] [widgets] new digsig draft,
further comments
Marcin
[removed cross-posting, since my
Marcin
Thanks, for the careful review. some comment inline
[removed cross post, fails anyway]
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 2:04 PM, ext Marcin Hanclik wrote:
Hi Marcos, All,
Please find below my - mostly editorial - comments to the latest
digsig
Hirsch [mailto:frederick.hir...@nokia.com]
Sent: Friday, March 27, 2009 2:09 PM
To: Marcin Hanclik
Cc: Frederick Hirsch; marc...@opera.com Caceres; WebApps WG
Subject: Re: [BONDI Architecture Security] [widgets] new digsig
draft, further comments
Marcin
[removed cross-posting, since my posting
Architecture Security] [widgets] new digsig draft
Marcin
Thanks, for the careful review. some comment inline
[removed cross post, fails anyway]
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 2:04 PM, ext Marcin Hanclik wrote:
Hi Marcos, All,
Please find below my - mostly
Dear Marcos,
I hope to have less critical comments than in my last feedback email.
1. Section 7.1: change The ds:SignatureMethod algorithm used in the
ds:SignatureValue element MUST one of the signature algorithms. to The
ds:SignatureMethod algorithm used in the ds:SignatureValue element MUST
Hi Frederick,
I support the changes below. They are all editorial in nature.
Kind regards,
Marcos
On Fri, Mar 27, 2009 at 6:26 PM, Hillebrand, Rainer
rainer.hillebr...@t-mobile.net wrote:
Dear Marcos,
I hope to have less critical comments than in my last feedback email.
1. Section 7.1:
comments inline, thanks for reviewing this
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 1:26 PM, ext Hillebrand, Rainer wrote:
Dear Marcos,
I hope to have less critical comments than in my last feedback email.
1. Section 7.1: change The ds:SignatureMethod algorithm used
To: Hillebrand, Rainer
Cc: Frederick Hirsch; marc...@opera.com; WebApps WG
Subject: Re: [BONDI Architecture Security] [widgets] new
digsig draft
comments inline, thanks for reviewing this
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 1:26 PM, ext Hillebrand, Rainer wrote:
3
Dear Marcos,
I have some proposals for editorial changes.
1. Section 1.2: change which MAY logically contains to which MAY logically
contain
2. Section 1.2: An unsigned widget package is a widget package that does not
contain any signature files. It is left to the user agent's security policy
:12:20 2009
Betreff: Re: [BONDI Architecture Security] [widgets] new digsig draft
On Thu, Mar 26, 2009 at 4:29 PM, Paddy Byers pa...@aplix.co.jp wrote:
Hi,
Agreed. Can we say were signed with the same certificate instead?
I understood that Webapps had agreed to add a signature profile
: public-webapps@w3.org; otsi-arch-...@omtplists.org
Subject: AW: Re: [BONDI Architecture Security] [widgets] new
digsig draft
Dear Marcos,
We cannot technically guarantee that the author signature
really comes from the widget's author. It is like having an
envelop with an unsigned letter
...@opera.com;
pa...@aplix.co.jp pa...@aplix.co.jp
Cc: public-webapps@w3.org public-webapps@w3.org; otsi-arch-...@omtplists.org
otsi-arch-...@omtplists.org
Gesendet: Thu Mar 26 17:58:03 2009
Betreff: RE: Re: [BONDI Architecture Security] [widgets] new digsig draft
Hi All,
As the author signature
Gesendet: Thu Mar 26 18:34:57 2009
Betreff: Re: [BONDI Architecture Security] [widgets] new digsig draft
I think I disagree, since the intent *is* to identify the author, that
is the semantics, and this proposed change makes it less clear.
Of course we can argue whether or not you achieve
-webapps@w3.org public-webapps@w3.org; otsi-arch-...@omtplists.org
otsi-arch-...@omtplists.org
Gesendet: Thu Mar 26 18:34:57 2009
Betreff: Re: [BONDI Architecture Security] [widgets] new digsig
draft
I think I disagree, since the intent *is* to identify the author, that
is the semantics
Hi Marcos, All,
Please find below my - mostly editorial - comments to the latest digsig draft
and one comment for PC.
Thanks.
Kind regards,
Marcin
1. Section 1: ... with XML signatures that each cryptographically include all
of the non-signature ...
should become (missing s)
... with XML
- Originalnachricht -
Von: Marcos Caceres marc...@opera.com
An: Hillebrand, Rainer
Cc: WebApps WG public-webapps@w3.org; otsi-arch-...@omtplists.org otsi-arch-...@omtplists.org
Gesendet: Thu Mar 26 16:24:22 2009
Betreff: Re: [BONDI Architecture Security] [widgets] new digsig
draft
Hi Rainer
: Thu Mar 26 17:12:20 2009
Betreff: Re: [BONDI Architecture Security] [widgets] new digsig
draft
On Thu, Mar 26, 2009 at 4:29 PM, Paddy Byers pa...@aplix.co.jp
wrote:
Hi,
Agreed. Can we say were signed with the same certificate instead?
I understood that Webapps had agreed to add
WG; otsi-arch-...@omtplists.org
Subject: RE: [BONDI Architecture Security] [widgets] new digsig draft
Hi Marcos, All,
Please find below my - mostly editorial - comments to the latest digsig draft
and one comment for PC.
Thanks.
Kind regards,
Marcin
1. Section 1: ... with XML signatures
, March 26, 2009 7:05 PM
To: Hillebrand, Rainer
Cc: frederick.hir...@nokia.com; mark.priest...@vodafone.com; marc...@opera.com
; pa...@aplix.co.jp; public-webapps@w3.org; otsi-arch-...@omtplists.org
Subject: Re: AW: Re: [BONDI Architecture Security] [widgets] new
digsig draft
What the author
, March 26, 2009 10:38 PM
To: Hillebrand, Rainer
Cc: marc...@opera.com; pa...@aplix.co.jp; public-webapps@w3.org;
otsi-arch-...@omtplists.org
Subject: Re: AW: Re: [BONDI Architecture Security] [widgets] new digsig draft
Suggestion:
The author signature asserts that the signing party is an author
Hi,
I have been trying to identify the term author in Widget specs.
I think we're in danger of getting into details that are irrelevant for the
PC specification.
This spec should define what information is asserted by the presence of the
author and distributor signatures.
It is up to a
23 matches
Mail list logo