Re: Proposal for ISSUE-83
Also works for me. Marcos On Thursday, April 23, 2009, Arthur Barstow art.bars...@nokia.com wrote: A shorter counter-proposal below ... On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch frederick.hir...@nokia.com wrote: ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. Added under Digital Signatures section. If Mark is happy, then we should close this issue. Proposed text: [[ A user agent MUST prevent a widget from accessing the contents of a digital signature document unless an access control mechanism explicitly enables such access e.g. via an access control policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. ]] -Regards, Art Barstow -- Marcos Caceres http://datadriven.com.au
RE: Proposal for ISSUE-83
+1 for Art's shorter counter proposal Thanks, Mark -Original Message- From: marcosscace...@gmail.com [mailto:marcosscace...@gmail.com] On Behalf Of Marcos Caceres Sent: 23 April 2009 07:47 To: Arthur Barstow Cc: Marcos Caceres; Priestley, Mark, VF-Group; Hirsch Frederick (Nokia-CIC/Boston); public-webapps Subject: Re: Proposal for ISSUE-83 Also works for me. Marcos On Thursday, April 23, 2009, Arthur Barstow art.bars...@nokia.com wrote: A shorter counter-proposal below ... On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch frederick.hir...@nokia.com wrote: ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. Added under Digital Signatures section. If Mark is happy, then we should close this issue. Proposed text: [[ A user agent MUST prevent a widget from accessing the contents of a digital signature document unless an access control mechanism explicitly enables such access e.g. via an access control policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. ]] -Regards, Art Barstow -- Marcos Caceres http://datadriven.com.au
Re: Proposal for ISSUE-83
On Thu, Apr 23, 2009 at 12:04 AM, Arthur Barstow art.bars...@nokia.com wrote: A shorter counter-proposal below ... On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch frederick.hir...@nokia.com wrote: ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. Added under Digital Signatures section. If Mark is happy, then we should close this issue. Proposed text: [[ A user agent MUST prevent a widget from accessing the contents of a digital signature document unless an access control mechanism explicitly enables such access e.g. via an access control policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. ]] I've added the above text to the spec. -- Marcos Caceres http://datadriven.com.au
Re: Proposal for ISSUE-83
A shorter counter-proposal below ... On Apr 21, 2009, at 9:56 AM, ext Marcos Caceres wrote: On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch frederick.hir...@nokia.com wrote: ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. Added under Digital Signatures section. If Mark is happy, then we should close this issue. Proposed text: [[ A user agent MUST prevent a widget from accessing the contents of a digital signature document unless an access control mechanism explicitly enables such access e.g. via an access control policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. ]] -Regards, Art Barstow
Proposal for ISSUE-83
ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. This message should complete ACTION-329 which should be closed. regards, Frederick Frederick Hirsch Nokia
Re: Proposal for ISSUE-83
On Tue, Apr 21, 2009 at 3:31 PM, Frederick Hirsch frederick.hir...@nokia.com wrote: ISSUE-83 states: Instantiated widget should not be able to read digital signature http://www.w3.org/2008/webapps/track/issues/83 The following is a proposal of text to add to PC to address this issue, based on text from Marcos and adding the notion of allowing policy and access control mechanisms to be used: Where a user agent that implements this specification interacts with implementations of other specifications, this user agent MUST deny other implementations access to digital signature documents unless an access control mechanism is in place to enable access according to policy. The definition of such a policy mechanism is out of scope of this specification, but may be defined to allow access to all or parts of the signature documents, or deny any such access. An exception is if a user agent that implements this specification also implements the OPTIONAL [Widgts-DigSig] specification, in which case the user agent MUST make signature documents available to the implementation of the [Widgets-DigSig] specification. Added under Digital Signatures section. If Mark is happy, then we should close this issue. Kind regards, Marcos -- Marcos Caceres http://datadriven.com.au