W3C home > Mailing lists > Public > public-wsc-wg@w3.org > December 2007

RE: ACTION-318: Draft a new subsection to section 7 discussing themixing of trusted/untrusted information in the UI

From: Doyle, Bill <wdoyle@mitre.org>
Date: Mon, 17 Dec 2007 09:24:26 -0500
Message-ID: <518C60F36D5DBC489E91563736BA4B5801CBA167@IMCSRV5.MITRE.ORG>
To: "Thomas Roessler" <tlr@w3.org>, "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
Cc: "Dan Schutzer" <dan.schutzer@fstc.org>, <public-wsc-wg@w3.org>

WSC uses the term trust in many places. Who provides the definition of
trust, it needs to be consistent to WSC and readers? Trust can be an
defined outside of the WSC and referenced.

B


 

-----Original Message-----
From: Thomas Roessler [mailto:tlr@w3.org] 
Sent: Sunday, December 16, 2007 2:16 PM
To: Stephen Farrell
Cc: Dan Schutzer; Doyle, Bill; public-wsc-wg@w3.org
Subject: Re: ACTION-318: Draft a new subsection to section 7 discussing
themixing of trusted/untrusted information in the UI

On 2007-12-16 19:08:36 +0000, Stephen Farrell wrote:

> Sounds like a potential rathole to me,
> S.

+1
-- 
Thomas Roessler, W3C  <tlr@w3.org>






> Dan Schutzer wrote:
> > I agree we should have section on trust with trust defined
> > 
> >  
> > 
> >
-----------------------------------------------------------------------
-
> > 
> > *From:* public-wsc-wg-request@w3.org
> > [mailto:public-wsc-wg-request@w3.org] *On Behalf Of *Doyle, Bill
> > *Sent:* Friday, December 14, 2007 2:54 PM
> > *To:* public-wsc-wg@w3.org
> > *Subject:* ACTION-318: Draft a new subsection to section 7
discussing
> > the mixing of trusted/untrusted information in the UI
> > 
> >  
> > 
> > First - In order to draft this section I believe that WSC needs to
> > define trust. I looked around a bit - did not see anything.
> > 
> >  
> > 
> > Second - Once we have trust defined - what attributes of a HTTPs
> > session are considered trusted and available to be used in a secure
> > section of UI?
> > 
> >  
> > 
> > From what I can tell the only attributes that can be trusted in a
> > standard X.509 cert is CA related attributes. A user review of a
> > standard X.509 certs is required in order to be able to "trust" it.
> > 
> >  
> > 
> > Cheers
> > 
> >  
> > 
> > Bill D.
> > 
> > wdoyle@mitre.org <mailto:wdoyle@mitre.org>
> > 
> >  
> > 
> > 
> >  
> > 
> >>              
> >>
> 
> 
Received on Monday, 17 December 2007 14:24:36 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:19 UTC