W3C home > Mailing lists > Public > public-wsc-wg@w3.org > December 2007

RE: ACTION-318: Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI

From: Dan Schutzer <dan.schutzer@fstc.org>
Date: Fri, 14 Dec 2007 15:06:59 -0500
To: "'Doyle, Bill'" <wdoyle@mitre.org>, <public-wsc-wg@w3.org>
Message-ID: <001501c83e8c$e355e560$6500a8c0@dschutzer>
I agree we should have section on trust with trust defined

 

  _____  

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
Behalf Of Doyle, Bill
Sent: Friday, December 14, 2007 2:54 PM
To: public-wsc-wg@w3.org
Subject: ACTION-318: Draft a new subsection to section 7 discussing the
mixing of trusted/untrusted information in the UI

 

First - In order to draft this section I believe that WSC needs to define
trust. I looked around a bit - did not see anything.

 

Second - Once we have trust defined - what attributes of a HTTPs session are
considered trusted and available to be used in a secure section of UI?

 

>From what I can tell the only attributes that can be trusted in a standard
X.509 cert is CA related attributes. A user review of a standard X.509 certs
is required in order to be able to "trust" it.

 

Cheers

 

Bill D.

wdoyle@mitre.org

 


 

 
Received on Friday, 14 December 2007 20:07:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:19 UTC