W3C home > Mailing lists > Public > public-webapi@w3.org > May 2008

Re: TLS error handling in XMLHttpRequest

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 27 May 2008 14:29:49 +0200
To: "Thomas Roessler" <tlr@w3.org>
Cc: public-webapi@w3.org, public-wsc-wg@w3.org
Message-ID: <op.ubtbnzsc64w2qv@annevk-t60.oslo.opera.com>

On Fri, 16 May 2008 11:54:14 +0200, Thomas Roessler <tlr@w3.org> wrote:
>>> (ACTION-444 in Web Security Context.)
>
> I would suggest to explicitly say that a failure of the server
> identity check (section 3.1 of RFC 2818) MUST cause the client to
> terminate the connection.
>
> (RFC 2818 gives a choice of either giving the user a choice or
> terminating the connection.)

I made it more explicit that user interaction is not be to performed.  
Could the Web Security Context WG let me know whether this satisfies their  
comment?

Kind regards,


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Tuesday, 27 May 2008 12:29:45 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 May 2008 12:29:45 GMT