- From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Wed, 2 Jan 2008 19:35:07 +0000 (GMT)
- To: public-wsc-wg@w3.org
ISSUE-162: Recognize there are other forms of network security [wsc-xit] http://www.w3.org/2006/WSC/track/issues/ Raised by: Mary Ellen Zurko On product: wsc-xit 9.3 "If a web site requires secure login, then all sensitive transactions and presentation based on the user's credentials, as well as the service provided credential token itself MUST be protected by the same level of security. " I would support a SHOULD for this instead. Other security mechanisms may be in play (IPSEC) that make this unnecessary.
Received on Wednesday, 2 January 2008 19:35:09 UTC