W3C home > Mailing lists > Public > public-usable-authentication@w3.org > April 2010

Re: Don't favour https ( LC-2382)

From: Krzysztof Maczyński <1981km@gmail.com>
Date: Fri, 23 Apr 2010 16:10:33 +0200
Message-ID: <09798950103D41C885409F19BD20C074@kmPC>
To: <mzurko@us.ibm.com>
Cc: <public-usable-authentication@w3.org>
> It would be confusing to
> users to see an indication of TLS security, such as augmented assurance
> (such as with EV) certificates, and an http: URI.
This is based on a misunderstanding about URIs. They identify resources, not characteristics of access to those resources (such as security). AWWW and other documents are clear on this. Existing confusion in some users should be rectified, not entrenched, lest I formally object. My request that the spec doesn't go for the latter (specifically, removing "an https URL was used" from the definition would resolve the issue) still stands.

Best regards,

Krzysztof Maczyński
Invited Expert, HTML WG
Received on Friday, 23 April 2010 14:11:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 23 April 2010 14:11:16 GMT