- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 6 Mar 2008 08:25:20 +0100
- To: WSC WG <public-wsc-wg@w3.org>
It turns out that sourceforge.net is now using EV certificates (yes, I noticed the green bar) -- but with a Common Name of sourceforge.net, not www.sourceforge.net. Question, for purposes of the spec: Do we think that any EV signalling should be present if the user has interactively granted an exception in a case such as a mismatch between the URI's domain name and the Common Name? My instinct would be "no"; at least one current implementation, however, does use that signalling even though I had to go through an exception dialogue first. Cheers, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Thursday, 6 March 2008 07:25:30 UTC