- From: Thomas Roessler <tlr@w3.org>
- Date: Mon, 6 Oct 2008 14:18:19 +0200
- To: WSC WG <public-wsc-wg@w3.org>
I propose to add the following security considerations text: >>>>> <head>Deriving human-readable information from domain-validated certificates</head> <p>For domain validated certificates, none of the ordinary human- readable information provided in a certificate is actually attested to; instead, a binding between public key a domain name (or wildcard) is created. Therefore, <specref ref="signal-content"/> provides that, as a fall-back of last resort, a domain name retrieved from the subject's subjectAltName extension, or from the Common Name attribute, should be displayed.</p> <p>This specification does not suggest displaying the domain name used in the source URI, since that domain name may be under the control of an attacker. We consider it less risky to display a string like "*.example.com", than "bigbank.example.com" when the binding that was attested is one to "*.example.com".</p> <<<<< I believe that, additionally, there should be a change in 6.1.1 that gives subjectAltName precedence over Common Name; I don't see a specific action item to make that change. Also, writing this text, it occurs to me that we nowhere say that a domain name should always be shortened from the left, never from the right. I suspect that the identity signal content section might be usefully hold that piece of advice. Thoughts anybody? Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Monday, 6 October 2008 12:24:40 UTC