Johnathan Nightingale wrote: > > Hey Thomas, > > The text below was proposed by me, and is in the document, and is > probably enough to close the issue. But in side conversations with Mez, > I ruminated over the fact that it's not clear to me whether this > renders, e.g., Firefox 3 non-compliant. I *think* we'd be fine, because > this line seems to carry the day: > >>> The requirements in this section do not require user agents to >>> store information about past interactions longer than they >>> otherwise would. > > But the thing is, we DO store plenty of information about past > interactions: browsing history, bookmarks, saved passwords, cookies, as > examples. But we do NOT store historical TLS information. I *think* > that's still okay, ... Have to say that that interpretation didn't occur to me at all, so I guess, like Thomas, I'd rather that whatever do write down implies that UAs are to store historical TLS info. While I can see why an implementer might not be overjoyed with that change, I don't think that we should limit ourselves to producing a REC with which current UAs are already compliant. S.Received on Friday, 9 May 2008 13:35:32 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 9 May 2008 13:35:33 GMT