you get what I mean...
Thanks,
Mark
>-Original Message-
>From: Frederick Hirsch [mailto:frederick.hir...@nokia.com]
>Sent: 27 February 2009 13:19
>To: marc...@opera.com
>Cc: Frederick Hirsch; public-webapps@w3.org WG; Priestley,
>Mark, VF-Group
>Subject: Re: [widg
Hi Frederick,
On Fri, Feb 27, 2009 at 2:18 PM, Frederick Hirsch
wrote:
> Marcos
>
> Yes, logically there would be two self contained signatures with references
> to every file in the package.
>
> Again Policy indicates which signatures must be verified. What does the
> packaging spec currently say
obviously I meant every non-signature file etc
regards, Frederick
Frederick Hirsch
Nokia
On Feb 27, 2009, at 8:18 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:
Marcos
Yes, logically there would be two self contained signatures with
references to every file in the package.
Again Policy in
Marcos
Yes, logically there would be two self contained signatures with
references to every file in the package.
Again Policy indicates which signatures must be verified. What does
the packaging spec currently say? To date it has been one distributor
spec that must be verified. We should
Hi Frederick, Mark,
I have a concern wrt the author signature. It seems that both the
author signature and the distributor signature need to sign every file
in the package. Does this mean that, to verify a package, you would
need to effectively verify everything in the package twice? or is
verifica