This page is a collection of statements and findings around prior art on the patent 5,764,992 as disclosed by Apple Inc.: Method and apparatus for automatic software replacement
Apple Inc. participates in the Web Application Working Group. In application of the exclusion rights they have according to the W3C Patent Policy, Apple Inc. excluded Patent Nr. 7,743,336 and Patent Application 20070101146 from its Royalty Free commitment given upon joining the Web Applications Working Group. According to Apple Inc., both read on the Widget Access Request Policy Specification. Apple Inc.'s exclusion triggered a Patent Advisory Group (PAG). The PAG is using this page to collect links and hints to technology that may help to circumvent the patent. This information may be useful to help the Web Applications Working Group to design around the excluded patent and allow for a Royalty Free Widget Access Request Policy Specification.
Apple Inc. does not participate in the Patent Advisory Group.
No. The work on the Widget Updates Specification can continue in parallel to
the Patent Advisory Group. Nevertheless, Widget Updates will not be able to
enter the status of Proposed Recommendation
as long as the PAG is
running.
From the detailed description, there may be overlap between US-20070101433 and US-20070101146 (application), and specifications for application security and deployed products such as the following:
Netscape Object Signing Establishing Trust for Downloaded Software
same-originpolicy for network access by Javascript applications Netscape also supported the ability to bypass the same-origin policy using a Javascript API: netscape.security.PrivilegeManager.enablePrivilege(“UniversalBrowserRead”).
All to be found in the 20 September 2011 email to public-widgets-pag
Mobile agents offer a new paradigm for distributed computation, but their potential benefits must be weighed against the very real security threats they pose. These threats originate not just in malicious agents but in malicious hosts as well. For example, if there is no mechanism to prevent attacks, a host can implant its own tasks into an agent or modify the agent's state. This can lead in turn to theft of the agent's resources if it has to pay for the execution of tasks, or to loss of the agent's reputation if its state changes from one host to another in ways that alter its behavior in negative ways. Aglets are mobile agents developed at IBM's Tokyo Research Laboratory. The article describes a security model for the Aglets development environment that supports flexible architectural definition of security policies.
The Content-MD5 entity-header field, as defined in RFC 1864, is an MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body.
The power to build HTML Applications (HTAs) brings Windows Internet
Explorer to the fore as a viable Windows development platform. HTAs are
full-fledged applications. These applications are trusted and display only
the menus, icons, toolbars, and title information that the web developer
creates. In short, HTAs pack all the power of Internet Explorer—its
object model, performance, rendering power and protocol support—without
enforcing the strict security model and user interface of the
browser.
See security model
The "WARPish" feature from Dashboard is the following bit of XML, which either enables or disables network access to a widget (included in the info.plist of a widget) [0] (2004):
<key>AllowNetworkAccess</key> <true/>
Including a demonstration on 28th of June 2004
The Widgets Access Control Policy Patent Advisory Group (WARP PAG) is chartered to study issues and propose solutions related to a patent disclosure from Apple, Inc., concerning the Widget Access Request Policy Working Draft.
Rigo Wenning (W3C) is Chair of the PAG. The W3C Staff Contact for the Widgets Access Control Policy PAG is Doug Schepers.
Contact: Rigo Wenning (rigo at w3.org); Doug Schepers (schepers at w3.org);
Last update: $Id: prior-art.html,v 1.6 2011/10/25 20:47:13 rigo Exp $