W3C home > Mailing lists > Public > public-wsc-wg@w3.org > April 2007

Re: FW: .safe TLD idea from ICANN

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Mon, 16 Apr 2007 08:27:36 -0400
Cc: public-wsc-wg@w3.org
Message-ID: <OF8AE8C9EE.FA13B00C-ON852572BF.004413A6-852572BF.00447528@LocalDomain>
To: "<michael.mccormick" <michael.mccormick@wellsfargo.com>
I can't quite tell what it is that will make sites with .safe safe for e 
banking. I assume some sort of policy, much like EV promises something? 

Which reminds me of an error I was a bit suprised at (though not on 
reflection). I typed in my bank's home page with https, but with .com 
(it's really a .org). So I got an SSL error telling me "the name on the 
security certificate is invalid or does not match the name of the site". 
Neither of which is quite accurate. The cert matches the site that is 
being brought up; I'm just being redirected because I made a common 
mistake. So, oddly, won't all those users used to typing .com get SSL 
errors when redirected to .safe (if https is specified)? 

Perhaps we need another sentence on ErrorHandling about the error matching 
the user's model or view of the task. 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




<michael.mccormick@wellsfargo.com> 
Sent by: public-wsc-wg-request@w3.org
04/12/2007 06:23 PM

To
<public-wsc-wg@w3.org>
cc

Subject
FW: .safe TLD idea from ICANN







http://securityblog.itproportal.com/?p=791 
Received on Monday, 16 April 2007 12:28:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:46 GMT