W3C home > Mailing lists > Public > public-wsc-wg@w3.org > October 2007

ACTION-284: Trusted Certs

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Fri, 12 Oct 2007 08:49:47 -0700
Message-ID: <2788466ED3E31C418E9ACC5C31661557084EBB@mou1wnexmb09.vcorp.ad.vrsn.com>
To: <public-wsc-wg@w3.org>
In addition there is Action 113: Terminology around "trusted" certificates is misleading and needs to be corrected. Relates to ACTION-284.
There are a copule of starting issues here.
First 4.1 starts:
The most common mechanism for applying TLS to the Web is the use of the https URI scheme [RFC2818] <http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#ref-RFC2818> ; the alternative upgrade mechanism [RFC2817] <http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#ref-RFC2817>  is used rarely, if at all. For the purposes of this specification, the most relevant property of [RFC2818] <http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#ref-RFC2818>  is that the URI used to identify a resource includes an assertion that use of TLS is desired.
I think we need to start by rephrasing this:
The https URI scheme [2818] requires the use of HTTP over TLS transport. The TLS upgrade mechanism [RFC2817] alows TLS transport to be used as an option with a http: scheme URI but this feature is rarely used.
[I don't think we need to state what is or is not relevant here. I can imagine that HTTP upgrade could be very relevant when we are talking about self signed certs and the like.]

"An HTTP transaction is TLS-protected"

[I don't think we should use the term protected here if we include use of NULL, TLS-Transported sounds more accurate]

"4.3.7 Trusted Certificates <http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#sec-trusted-certificates> "

I think here we have to insist on the distinction between trustED and trustWORTHY.

A trusted certificate is simply any certificate that meets the trust criteria for a relying party. 

Where the language goes wrong is that half is -ED and half -WORTHY. I think we need to define both terms. This is particularly important since the sets are disjoint, a -WORTHY certificate is not always -ED and vice versa.

For example an EV cert is not automatically qualified for the federal bridge CA. 


I think we need to define both terms as follows:


TRUSTED = Any certificate that is in the clients circle of trust for whatever reason

TRUSTWORTHY = A certificate issued in accordance with practices that reliably establish a degree of Identity/accountability that sufficiently mitigates risk for a particular purpose. Examples include Augmented Assurance.

The term trusted is thus an objective statement of fact: Alice may be a pinhead but if she trusts Mallet, Mallet is TrustED. Trustworthy is a subjective term that is always relative to a particular purpose.


I would like some discussion before I try to wordsmith further. 

Received on Friday, 12 October 2007 15:50:10 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:18 UTC