Re: Stability of Widget DigSig
On 5/11/15 4:23 AM, Andrew Twigger wrote: I expect that removing the statement from the namespace document will resolve the concerns of ATSC and CEA members. Andrew - the warning has been removed. -ArtB Thank-you for your quick response to this request. Andrew Twigger -Original Message- From: Arthur Barstow [mailto:art.bars...@gmail.com] Sent: 08 May 2015 13:55 To: Andrew Twigger Cc: Marcos Caceres; Frederick Hirsch; public-webapps@w3.org Subject: Re: Stability of Widget DigSig Andrew - seeing no objections from the group to removing the Implementers ... statement from [NS] document, if that statement is removed, does that address your concern? -Thanks, ArtB [NS] http://www.w3.org/ns/widgets-digsig/
RE: Stability of Widget DigSig
Art, I expect that removing the statement from the namespace document will resolve the concerns of ATSC and CEA members. Thank-you for your quick response to this request. Andrew Twigger -Original Message- From: Arthur Barstow [mailto:art.bars...@gmail.com] Sent: 08 May 2015 13:55 To: Andrew Twigger Cc: Marcos Caceres; Frederick Hirsch; public-webapps@w3.org Subject: Re: Stability of Widget DigSig Andrew - seeing no objections from the group to removing the Implementers ... statement from [NS] document, if that statement is removed, does that address your concern? -Thanks, ArtB [NS] http://www.w3.org/ns/widgets-digsig/ On 5/8/15 7:14 AM, Arthur Barstow wrote: [ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace (http://www.w3.org/ns/widgets-digsig/) contains a statement that Implementers should be aware that this document is not stable. which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
Re: Stability of Widget DigSig
[ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace (http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers should be aware that this document is not stable.” which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
Re: Stability of Widget DigSig
On 2015-05-08 14:32, Frederick Hirsch wrote: no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ This seems to be a rather theoretical discussion: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/widget Anders regards, Frederick Frederick Hirsch Chair XML Security WG fjhirsch.com @fjhirsch On May 8, 2015, at 7:14 AM, Arthur Barstow art.bars...@gmail.com wrote: [ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace (http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers should be aware that this document is not stable.” which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
Re: Stability of Widget DigSig
On 5/8/15 8:47 AM, Anders Rundgren wrote: On 2015-05-08 14:32, Frederick Hirsch wrote: no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ This seems to be a rather theoretical discussion: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/widget FYI, the usage of widget in widgets-digsig is not at all related to the use of widget in the MDN resource reference above. -AB
Re: Stability of Widget DigSig
On 2015-05-08 14:50, Arthur Barstow wrote: On 5/8/15 8:47 AM, Anders Rundgren wrote: On 2015-05-08 14:32, Frederick Hirsch wrote: no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ This seems to be a rather theoretical discussion: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/widget FYI, the usage of widget in widgets-digsig is not at all related to the use of widget in the MDN resource reference above. Just for my understanding, is the W3C Widget TR generally supported then? Anders -AB
Re: Stability of Widget DigSig
Andrew - seeing no objections from the group to removing the Implementers ... statement from [NS] document, if that statement is removed, does that address your concern? -Thanks, ArtB [NS] http://www.w3.org/ns/widgets-digsig/ On 5/8/15 7:14 AM, Arthur Barstow wrote: [ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace (http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers should be aware that this document is not stable.” which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
Re: Stability of Widget DigSig
On Friday, May 8, 2015, Anders Rundgren anders.rundgren@gmail.com wrote: On 2015-05-08 14:50, Arthur Barstow wrote: On 5/8/15 8:47 AM, Anders Rundgren wrote: On 2015-05-08 14:32, Frederick Hirsch wrote: no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ This seems to be a rather theoretical discussion: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/widget FYI, the usage of widget in widgets-digsig is not at all related to the use of widget in the MDN resource reference above. Just for my understanding, is the W3C Widget TR generally supported then? Yes. For example, PhoneGap/Cordova which is used to target every platform. Anders -AB
[widgets] implementation data [Was: Re: Stability of Widget DigSig]
On 5/8/15 8:52 AM, Anders Rundgren wrote: On 2015-05-08 14:50, Arthur Barstow wrote: On 5/8/15 8:47 AM, Anders Rundgren wrote: On 2015-05-08 14:32, Frederick Hirsch wrote: no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ This seems to be a rather theoretical discussion: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/widget FYI, the usage of widget in widgets-digsig is not at all related to the use of widget in the MDN resource reference above. Just for my understanding, is the W3C Widget TR generally supported then? See http://dev.w3.org/2006/waf/widgets/imp-report/ -AB
Re: Stability of Widget DigSig
On Friday, May 8, 2015, Arthur Barstow art.bars...@gmail.com wrote: [ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? None. It's stable. -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace ( http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers should be aware that this document is not stable.” which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
Re: Stability of Widget DigSig
no objection, the referenced document is a Recommendation, isn't it? http://www.w3.org/TR/widgets-digsig/ regards, Frederick Frederick Hirsch Chair XML Security WG fjhirsch.com @fjhirsch On May 8, 2015, at 7:14 AM, Arthur Barstow art.bars...@gmail.com wrote: [ + Marcos and Frederick ] Hi Andrew, The group stopped working on XML Digital Signature for Widgets several years ago and there is no plan to resume work (except to process errata as required). Marcos, Frederick - this spec's namespace document includes the following statement: [[ http://www.w3.org/ns/widgets-digsig/ Implementers should be aware that this document is not stable. ]] Any objections from you or anyone else to remove this statement? -Thanks, ArtB On 5/7/15 5:55 AM, Andrew Twigger wrote: ATSC and CEA are developing standards that include the ability to download digital signed applications. Their current specifications reference the W3C Recommendation for XML Digital Signature for Widgets (18 April 2013). However, the associated Widgets Digital Signature Namespace (http://www.w3.org/ns/widgets-digsig/) contains a statement that “Implementers should be aware that this document is not stable.” which has raised questions as to the stability and suitability of referencing Widget DigSig. The alternative would be to reference XAdES with the C and T forms to allow for the inclusion of timestamp and certificate revocation information which are not included in Widget DigSig. I would be pleased to receive any information regarding the stability of Widget DigSig and whether referencing XAdES would provide a better alternative. Thank-you, Andrew Twigger
