, 2015 (2 weeks) to this CfC.
Thanks
regards, Frederick
Frederick Hirsch
Chair, W3C Device APIs WG (DAP)
www.fjhirsch.com
@fjhirsch
[1] http://www.w3.org/2009/dap/#webintents
[2] http://w3c.github.io/dap-charter/DeviceAPICharter.html
[3] http://www.w3.org/2015/10/webplatform-charter.html
015, at 4:32 PM, Frederick Hirsch <w...@fjhirsch.com> wrote:
>
> This is a call for consensus (CfC) to publish a First Public Working Draft
> (FPWD) of FindText API; deadline 14 October (1 week)
>
> This FindText API is joint deliverable of the WebApps WG and Web Annotation
n
>
>
> > On 06 Oct 2015, at 22:32 , Frederick Hirsch <w...@fjhirsch.com> wrote:
> >
> > This is a call for consensus (CfC) to publish a First Public Working Draft
> > (FPWD) of FindText API; deadline 14 October (1 week)
> >
> > This FindText API is joint d
nts and the specification may be updated.
If you have any comments or concerns about this CfC, please reply to this
e-mail by 14 October at the latest. Positive response is preferred and
encouraged, even a +1 will do Silence will be considered as agreement with the
proposal.
regards, Frederick &a
no objection, the referenced document is a Recommendation, isn't it?
http://www.w3.org/TR/widgets-digsig/
regards, Frederick
Frederick Hirsch
Chair XML Security WG
fjhirsch.com
@fjhirsch
On May 8, 2015, at 7:14 AM, Arthur Barstow art.bars...@gmail.com wrote:
[ + Marcos and Frederick
? This might be useful before considering venue for the work and
detailed issues. (Is there a public web page with information on current
implementations?)
thanks
regards, Frederick
Frederick Hirsch
www.fjhirsch.com
@fjhirsch
On Apr 1, 2015, at 5:22 AM, Nilsson, Claes1 claes1.nils
Dear Tab Atkins Jr. ,
The Device APIs Working Group has reviewed the comments you sent [1] on the
Last Call Working Draft [2] of the Ambient Light Events published on 13 Dec
2012. Thank you for having taken the time to review the document and to
send us comments!
The Working Group's response to
Dear Marcos Caceres ,
The XML Security Working Group has reviewed the comments you sent [1] on
the Last Call Working Draft [2] of the XML Signature Syntax and Processing
Version 1.1 published on 3 Mar 2011. Thank you for having taken the time to
review the document and to send us comments!
The
is a battery
- isBeingCharged: true if the current power source is a battery and is
being charged
What do you think?
This seems clearer and more straightforward.
regards, Frederick
Frederick Hirsch
Nokia
On May 11, 2010, at 10:47 AM, ext Max Froumentin wrote:
On 10/05/2010 17:36, timeless
Andreas
Thanks, good catch.
regards, Frederick
Frederick Hirsch
Nokia
On May 5, 2010, at 11:41 AM, ext Andreas Kuehne wrote:
Hi all,
just a minor comment found by build a test case :
Section 7.1. Common Constraints for Signature Generation and
Validation
1. [...]
2
in the proposed editors draft [1] this is section 10.2 item #3
I suggest we change 3a from The URI attribute ... to be For
references that are not same-document references, the URI attribute...
regards, Frederick
Frederick Hirsch
Nokia
On May 5, 2010, at 11:41 AM, ext Andreas Kuehne
; and References for [XMLDSIG11], [XMLSecAlgs],
[XMLDSIG-Properties].
regards, Frederick
Frederick Hirsch
Nokia
[1] http://lists.w3.org/Archives/Public/public-webapps/2010AprJun/0051.html
, Frederick
Frederick Hirsch
Nokia
On Apr 7, 2010, at 6:04 AM, ext Thomas Roessler wrote:
kue...@trustable.de wrote:
from the implementors perspective these modifications don't
introduce too much trouble. But I'm a little bit concerned about
the explicit ban of canonicalizations for 'external
]? These are intended to improve
simplicity, usability, streamability, reduced attack surface etc. Your
comments would be very welcome!
regards, Frederick
Frederick Hirsch
Nokia
[1] http://www.w3.org/TR/2010/WD-xml-c14n2-20100304/
[2] http://www.w3.org/TR/2010/WD-xmldsig-core2-20100304
Frederick Hirsch
Nokia
On Apr 7, 2010, at 9:19 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:
Thanks Andreas
Yes it seems counter-intuitive not to canonicalize XML, but it is
really only needed once the XML has been parsed, and avoiding
canonicalization saves resources.
Are you aware of the XML
] DigestMethod Algorithm=http://www.w3.org/2001/04/
xmlenc#sha256/
[s10] DigestValuedGhpcyBpcyBub3QgYSBzaWduYXR1cmUK.../DigestValue
[s11] /Reference
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-o-Simple
regards, Frederick
Frederick Hirsch
Nokia
On Mar 29, 2010, at 4:16 PM
lines):
Reference URI=config.xml
Reference URI=#prop
--
regards, Frederick
Frederick Hirsch
Nokia
[1] http://www.w3.org/TR/widgets-digsig/
-20/
* XML Signature 2.0: http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-20/
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
On Feb 10, 2010, at 6:48 AM, Barstow Art (Nokia-CIC/Boston) wrote:
Last week the XML Security WG published LCWDs of two specs the Widget
Digital
to date.
This should not break any implementations but make it easier to find
and work with the schema.
Comments/corrections welcome.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
Begin forwarded message:
From: Hirsch Frederick (Nokia-CIC/Boston) frederick.hir...@nokia.com
Date
that Signature Properties is about to enter Last Call.
regards, Frederick
Frederick Hirsch
Nokia
[1] http://www.w3.org/2005/10/Process-20051014/tr.html#cfi
On Jan 7, 2010, at 2:17 PM, Barstow Art (Nokia-CIC/Boston) wrote:
The XML Security WG is considering changing the syntax of the Profile
+1, duplicating material is a recipe for disaster.
regards, Frederick
Frederick Hirsch
Nokia
On Dec 2, 2009, at 8:22 AM, ext Robin Berjon wrote:
On Dec 1, 2009, at 22:22 , Marcin Hanclik wrote:
Can you please update this to just be a delta?
As far as I know W3C specs, delta documents
.
Do we need to go into more detail on these two (as examples)?
regards, Frederick
Frederick Hirsch
Nokia
On Nov 20, 2009, at 9:15 AM, ext Jeremy Orlow wrote:
These are reasons, but I think the greatest cause of our concern is
that we have not seen any examples of how policies can provide
detail on the use cases or
additional use cases?
regards, Frederick
Frederick Hirsch
Nokia
On Nov 20, 2009, at 10:12 AM, ext Marcin Hanclik wrote:
Hi,
Reliably identified Websites can send and receive SMS except to
premium rate numbers.
There seems to be no worldwide pattern to recognize
directories are for or where to
navigate). Arbitrary directory navigation for writing files is not a
good idea.
More importantly we have to be careful with analogies.
regards, Frederick
Frederick Hirsch
Nokia
On Nov 18, 2009, at 3:14 PM, ext Jonas Sicking wrote:
On Wed, Nov 18, 2009 at 5:27
as
an integral part of API development, while also developing policy
mechanisms, thus I do not think the view you mention is widely held.
regards, Frederick
Frederick Hirsch
Nokia
On Nov 10, 2009, at 8:47 PM, ext Maciej Stachowiak wrote:
On Nov 10, 2009, at 3:09 AM, Robin Berjon wrote:
On Nov 10
WG from
everyone who can help the DAP WG and I'd like to make sure that
somehow we have this discussion during TPAC.
Thus Agenda topic for joint DAP/Webapps-Widget is Security
Considerations, including HTML5.
regards, Frederick
Frederick Hirsch, Nokia
Co-Chair, W3C DAP Working Group
David
Would it be possible for you to summarize what you think the issue is,
as far as architecture and technical disparities, as a first step?
regards, Frederick
Frederick Hirsch
Nokia
On Oct 29, 2009, at 11:54 AM, ext David Rogers wrote:
Hi,
As discussed on the webapps call
in the widget package,
syntax correctness, presence of required property elements, and use
of Role attribute for author and distributor signatures.
2. Signature value verification when specific algorithms are used for
a given input.
regards, Frederick
Frederick Hirsch
Nokia
On Oct 8
Christian
You are correct, thank you for catching this error.
I have updated the editors draft accordingly.
http://dev.w3.org/2006/waf/widgets-digsig/#example
regards, Frederick
Frederick Hirsch
Nokia
On Oct 6, 2009, at 9:44 AM, ext Breitschwerdt, Christian, VF-Group
wrote:
Hi Marcos
isn't the mere knowledge of the level of activity on a device a
possible privacy concern, and couldn't the pattern of activity offer a
traffic analysis type opportunity?
regards, Frederick
Frederick Hirsch
Nokia
On Sep 17, 2009, at 1:35 PM, ext Jeremy Orlow wrote:
On Thu, Sep 17, 2009
.
if this is correct, aren't these fundamentally different?
regards, Frederick
Frederick Hirsch
Nokia
On Aug 27, 2009, at 2:06 PM, ext Marcin Hanclik wrote:
Hi All,
Here are a couple of the Last Call comments to WARP LCWD [1].
They were already partially presented in my emails [2] and [3
So the issue is not confidentiality, it is inappropriate script
execution. Got it.
Thanks Anne
regards, Frederick
Frederick Hirsch
Nokia
On Jul 1, 2009, at 5:34 AM, ext Anne van Kesteren wrote:
I might not have time to address your larger set of questions before I
leave on vacation
adhere to HTTP redirect semantics. as an editors note.
25 Editorial: Section 6.1
some of the spacing between items seems to need additional space
26 Editorial: Section 7.3
Replace progresing with progressing
regards, Frederick
Frederick Hirsch
Nokia
policy
3. if policy disallows then the browser does not allow the content to
be used.
In any case, doesn't this open an attack to get the content by
sniffing the wire for the response content, regardless of the header?
regards, Frederick
Frederick Hirsch
Nokia
[1] http://arunranga.com
copying this message with the XML Security WG.
Thanks
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-Schema
[2] http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/
On Jun 25, 2009, at 7:13 AM, ext Kai
XML Signature 1.1 should be referenced. It defines the URI for the
algorithms, context for use in XML Signature, and references etc.
regards, Frederick
Frederick Hirsch
Nokia
On Jun 8, 2009, at 8:30 AM, ext Marcin Hanclik wrote:
Hi Marcos,
Also, DSA-SHA-1, RSA-SHA-256, and ECDSA-SHA
call to freeze the spec but I
guess not... )
regards, Frederick
Frederick Hirsch
Nokia
On Jun 8, 2009, at 7:07 AM, ext Marcos Caceres wrote:
On Thu, Jun 4, 2009 at 2:27 PM, Priestley, Mark,
VF-Groupmark.priest...@vodafone.com wrote:
Hi Art, All,
Vodafone has some late comments which
XML Signature 1.1 notes that the order of certificates in X.509Data is
not specified.
http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-X509Data
Is this really expected to be an issue, with long cert chains?
regards, Frederick
Frederick Hirsch
Nokia
On Jun 4, 2009
Thanks for the review Josh. These all look editorial to me and I
assume we can handle them during CR.
regards, Frederick
Frederick Hirsch
Nokia
On Jun 4, 2009, at 9:30 AM, ext timeless wrote:
Hi, apologies for the late comments.
I hope all of my comments are of an editorial nature
I assume this issue is closed with no need to add this text, given the
subsequent thread. If this is incorrect please note that on the list.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
On May 5, 2009, at 6:33 AM, Barstow Art (Nokia-CIC/Boston) wrote:
On May 4, 2009, at 10:13 AM
+1
I don't see the need for that paragraph.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 29, 2009, at 6:36 AM, ext Thomas Roessler wrote:
Hi Frederick,
Some tiny editorial changes
I think we should add the following sub-section to the Status of
This Document:
[[
h3 class=no-num
comments inline, including proposals. thanks for the review
regards, Frederick
Frederick Hirsch
Nokia
On Apr 29, 2009, at 4:01 AM, ext Marcos Caceres wrote:
Hi Frederick,
Some tiny editorial changes
I think we should add the following sub-section to the Status of
This Document
issues with these
changes or any other corrections by tomorrow morning Eastern time.
Thank you
regards, Frederick
Frederick Hirsch
Nokia
[1]
http://dev.w3.org/2006/waf/widgets-digsig/#naming-convention-for-an-author-signature
and
http://dev.w3.org/2006/waf/widgets-digsig/#naming-convention
I've added this to the Widgets Signature specification.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 23, 2009, at 3:18 AM, ext Priestley, Mark, VF-Group wrote:
Thanks Frederick!
-Original Message-
From: Frederick Hirsch [mailto:frederick.hir...@nokia.com]
Sent: 22 April 2009
I agree . Also to be clear Mark, I believe you are saying VF supports
a MUST in the XML Signature 1.1 specification.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 23, 2009, at 8:15 AM, ext David Rogers wrote:
Marcos,
Surely the logic should support algorithm evolution in that way
Added FIPS-186-3 reference
http://dev.w3.org/2006/waf/widgets-digsig/
Note that we will need to update the Signature Properties reference,
when that specification is published with this specification.
regards, Frederick
Frederick Hirsch
Nokia
of Signature Properties, thus
remove section 9 from widget signature
http://dev.w3.org/2006/waf/widgets-digsig/#sigproperties
any other comments received that we might have missed?
regards, Frederick
Frederick Hirsch
Nokia
On Apr 22, 2009, at 7:36 AM, Barstow Art (Nokia-CIC/Boston) wrote
I agree that the sentence should be dropped.
I'll take an editorial pass today to remove that sentence, address the
agreed changes on Mark's editorial comments and to remove the Created
material.
Thanks for noting this one.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 22, 2009
don't think we can always expect creation of a physical file for
processing. Suggest not making any change here.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 22, 2009, at 6:45 AM, ext Marcos Caceres wrote:
On Tue, Apr 21, 2009 at 11:14 PM, Frederick Hirsch
frederick.hir...@nokia.com wrote
in general.
regards, Frederick
Frederick Hirsch
Nokia
and also to see if any new mistakes have been introduced.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 22, 2009, at 5:53 PM, ext Priestley, Mark, VF-Group wrote:
Thanks Frederick and Marcos - responses inline.
Only a couple of questions left :)
Regards,
Mark
-Original Message-
From
[Widgts-DigSig] specification, in which case
the user agent MUST make signature documents available to the
implementation of the [Widgets-DigSig] specification.
This message should complete ACTION-329 which should be closed.
regards, Frederick
Frederick Hirsch
Nokia
if there is no need for the Created property in the Widgets Signature
spec I suggest we remove it, though keep what we have in the Signature
Properties specification.
regards, Frederick
Frederick Hirsch
Nokia
On Apr 15, 2009, at 5:45 AM, ext Priestley, Mark, VF-Group wrote:
Dear All
+1
I do not understand the attack, but can envision cases where
precluding access could cause problems. Examples might be user see
what is signed or access to signature properties.
Is this an access control issue rather than a general specification
rule?
regards, Frederick
Frederick
be required in Widget Signature.
Please share this additional information in your organization and
indicate if it would cause any change in position regarding the
mandatory to implement algorithms.
Thank you
regards, Frederick
Frederick Hirsch, Nokia
Chair XML Security WG
[1] http://lists.w3
Marcin
[removed cross-posting, since my posting would fail anyway]
comments inline
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 5:27 AM, ext Marcin Hanclik wrote:
Hi Marcos,
These are my further comments to the DigSig spec:
1. There is no section about typographic
Marcin
Thanks, for the careful review. some comment inline
[removed cross post, fails anyway]
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 2:04 PM, ext Marcin Hanclik wrote:
Hi Marcos, All,
Please find below my - mostly editorial - comments to the latest
digsig
...
also, ok with your proposed change
Within a widget package these signature files MUST be ordered based on
the numeric portion of the signature file name.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 9:41 AM, ext Marcin Hanclik wrote:
Hi Frederick,
Thanks for your review
No I agree, we are trying to stay away from legal statements , that
requires much more.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 10:40 AM, ext Marcin Hanclik wrote:
Hi Frederick,
re author, would the term creator in the sentence from Thomas
help,
this probably
comments inline, thanks for reviewing this
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 1:26 PM, ext Hillebrand, Rainer wrote:
Dear Marcos,
I hope to have less critical comments than in my last feedback email.
1. Section 7.1: change The ds:SignatureMethod algorithm used
I think we should remove it.
Also, I revised the e.g. as follows
... undesireable and security relevant effects, such as overwriting of
startup or system files.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 27, 2009, at 2:00 PM, ext Hillebrand, Rainer wrote:
Dear Frederick,
I
. Removed trust anchor text in 7.3:
The set of acceptable trust anchors, and policy decisions based on
the signer's identity are established through a security-critical out-
of-band mechanism.
http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0982.html
regards, Frederick
Frederick
Marcos
I checked in another revision to fix the broken link in 7. 2 (last
sentence included s in span) and to fix various validation errors.
The latest revision looks ok to me now, version 1.85 of
Overview.src.html, version 1.93 of Overview.html
regards, Frederick
Frederick Hirsch
I fixed one additional ordered list nit in widgets signature, so it
validates correctly.
When published the document date will need to be updated to the
publication date.
regards, Frederick
Frederick Hirsch
Nokia
the
same signing key are from the same party .
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 12:14 PM, ext Hillebrand, Rainer wrote:
Hi Marcos!
I agree with your suggestions.
Best Regards,
Rainer
---
Sent from my mobile device
I think the draft provides enough assurance for the intended level of
use. If you want higher levels of assurance more will be required, but
I don't believe we have a requirement here for that.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 12:20 PM, ext Hillebrand, Rainer
as policy and other such
important considerations, which we have not detailed in the
specification.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 26, 2009, at 5:06 PM, ext Marcin Hanclik wrote:
Hi,
I support this view.
In the whole design of various widget signatures it seems
of XML SIgnature 1.1.
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/#algorithms
length defined for each algorithm but can defer for now.
Will this change of sentence work ?
Thanks
regards, Frederick
Frederick Hirsch
Nokia
(for some reason this message of yours did not reach my personal
inbox, but it was on the list)
Hi Frederick, I agree with all of your changes
earlier that we would add this material.
4. Changed Security Policy to lowercase as appropriate.
This should complete all my editorial actions before publication.
Please review and let me know of any corrections or noted omissions.
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org
Completed additional changes to Editorial note in section 6, added
links to XML Security WG home page, list of comments on FPWD and
mailto link for comments on XML Signature 1.1.
Also fixed editorial nit, final set to a final set
regards, Frederick
Frederick Hirsch
Nokia
On Mar 19, 2009
, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
On Mar 17, 2009, at 8:15 AM, ext Marcos Caceres wrote:
Hi Frederick,
On 3/17/09 1:01 PM, Frederick Hirsch wrote:
The latest draft includes the revised text from Thomas.
Marcos, are you suggesting we add
of the recommended key length
Does this change make sense? Do you have any suggestion or comment?
Thanks for the careful review of the draft.
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
[mp] While this is better I think it misses the fact that we are
strongly
additional comment or corrections. Thanks
Marcos for suggestions to this wording.
(Also removed Inc from Nokia in title page)
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
or correction.
The latest draft also changes all usage of widget user agent to
user agent.
regards, Frederick
Frederick Hirsch
Nokia
On Mar 16, 2009, at 4:46 PM, ext Priestley, Mark, VF-Group wrote:
[mp] My view is that whether zero, one or more signatures is processed
is up to the widget user
://dev.w3.org/2006/waf/widgets/#zip-relative-paths
regards, Frederick
Frederick Hirsch
Nokia
-
SHA-256 and RSA-SHA-256.
c) I suggest removing the restatement of algorithm requirements in
section 7.1 , specifically remove #5a and #5b.
Are there any other changes needed that we are aware of?
Thanks
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
-as elements c-nl
; continues if next line starts
; with white space
Thanks.
Kind regards,
Marcin
From: Frederick Hirsch [frederick.hir...@nokia.com]
Sent: Thursday, March 12, 2009 10:15 PM
. May 2001.http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
[2] http://lists.w3.org/Archives/Public/public-webapps/2009JanMar/0547.html
Mark
Thanks for your review, I have some comments inline. Thomas, can you
please review my proposed change to the security considerations text
Mark mentioned?
Thanks
regards, Frederick
Frederick Hirsch
Nokia
On Mar 12, 2009, at 12:53 PM, ext Priestley, Mark, VF-Group wrote:
Hi
.
January 2008./dd
Unless I hear otherwise by Monday, I will make this change to the
editors draft. If you agree with the change please let me know.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
On Mar 12, 2009, at 9:43 AM, Kapyaho Jere (Nokia-D
-zero-range
to hex? That would match the RFC approach...
regards, Frederick
Frederick Hirsch
Nokia
On Mar 12, 2009, at 12:06 PM, ext Marcin Hanclik wrote:
Hi Frederick,
One line of the ABNF quoted below could be adjusted to match
RFC5234: 3.4. Value Range Alternatives: %c##-##.
non-zero
Backus-Naur FormABNF/abbr/cite/a. D. Crocker
and P. Overell.
January 2008./dd
Unless I hear otherwise by Monday, I will make this change to the
editors draft. If you agree with the change please let me know.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf
I updated section 4 to correspond to this:
If the signatures list is not empty, sort the list of signatures by
the file name field in ascending numerical order (e.g.signature1.xml
followed by signature2.xml followed by signature3.xml etc).
regards, Frederick
Frederick Hirsch
Nokia
. signature01.xml to
signature09.xml.
---
Does this make sense?
regards, Frederick
Frederick Hirsch
Nokia
On Mar 5, 2009, at 9:15 AM, ext timeless wrote:
http://dev.w3.org/2006/waf/widgets-digsig/#locating-signatures
4.3
If the signatures list is not empty, sort the list of signatures
I updated the style for code items in the Digital Signature
specification to brown.
Does this work better? It does not conflict with other color uses as
far as I can tell.
Please look at
http://dev.w3.org/2006/waf/widgets-digsig/ (refresh)
regards, Frederick
Frederick Hirsch
Nokia
yes that has been the case ever since I've started working on this.
Perhaps there is a W3C standard stylesheet we should be using. I'm not
sure why the spec defines its own styles
regards, Frederick
Frederick Hirsch
Nokia
On Mar 5, 2009, at 11:45 AM, Kapyaho Jere (Nokia-D-MSW/Tampere
are possible changes related to Thomas's comments re ID
reference language and additional properties.
regards, Frederick
Frederick Hirsch
Nokia
[1] http://dev.w3.org/2006/waf/widgets-digsig/
how about simple italics for code?
I'll also look into reducing body text
regards, Frederick
Frederick Hirsch
Nokia
On Mar 5, 2009, at 11:59 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:
yes that has been the case ever since I've started working on this.
Perhaps there is a W3C standard
for ID based references
+ Timestamp and serial number, expiration
As you note the issue of second hash algorithm might be more difficult
and may also depend on XML Signature 1.1 decisions, so that has not
also been addressed.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
On Feb 25, 2009
/Public/public-webapps/2009JanMar/0548.html
Remaining to do item is to add additional signature properties
including signature id, expires/timestamp.
regards, Frederick
Frederick Hirsch
Nokia
and calculate the
reference hashes once, eliminating that overhead if it were a concern.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 27, 2009, at 6:48 AM, ext Marcos Caceres wrote:
Hi Frederick, Mark,
I have a concern wrt the author signature. It seems that both the
author signature
Thomas
Thanks for the careful review.
comments inline
regards, Frederick
Frederick Hirsch
Nokia
On Feb 25, 2009, at 7:06 AM, ext Thomas Roessler wrote:
In reviewing the latest draft, a couple of comments.
Widgets 1.0: Digital Signatures
Editor's Draft 23 February 2009
http
this could be conveyed out of band and it
might not always be appropriate to include in every signature.
Thoughts on this one?
regards, Frederick
Frederick Hirsch
Nokia
On Feb 25, 2009, at 9:23 AM, ext Thomas Roessler wrote:
I propose that we add te following text in the beginning of 6.2
since we are discussing this item on the mailing list.
Thanks
regards, Frederick
Frederick Hirsch
Nokia
for signatures to be added or removed and
hence a secure channel for widget delivery might be preferable.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 6, 2009, at 10:51 AM, ext Priestley, Mark, VF-Group wrote:
Hi Marcos,
More responses to your comments below (marked [mp]). Still need
believe that is specific to Widget Signature.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 13, 2009, at 8:26 AM, ext Marcos Caceres wrote:
2009/2/12 Priestley, Mark, VF-Group mark.priest...@vodafone.com:
[mp] As a general comment, I think this is a pretty difficult
problem
1.1 and Properties to be published
as First Public Working Draft very soon, barring any last minute
difficulties.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 17, 2009, at 6:01 AM, ext Priestley, Mark, VF-Group wrote:
Hi Frederick,
Just thought I'd try and help with the generation
of possible signature usage/role types and/or
signers to be handled, will rules be expressed in terms of usage/role
(e.g. distributor) and what else? The model is not clear to me.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 6, 2009, at 10:51 AM, ext Priestley, Mark, VF-Group wrote:
Hi
additional thoughts on these
requirements.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 4, 2009, at 3:49 PM, ext Thomas Roessler wrote:
On 4 Feb 2009, at 21:45, Arthur Barstow wrote:
* Is supporting OCSP and CRL a MUST for v1?
Just for clarity, there are two possible requirements around
1 - 100 of 111 matches
Mail list logo