Re: changes to Opera table

We determined there is one more change to the Opera table in the meeting 
today. 

XXXIX. Subject logotypes derived from certificates MUST NOT be rendered, 
unless the certificate used is an augmented assurance certificate. 
Conforms Basic 



From:   Mary Ellen Zurko/Westford/IBM@Lotus
To:     yngve@opera.com
Cc:     public-wsc-wg@w3.org, janv@opera.com
Date:   02/26/2010 10:20 AM
Subject:        Re: changes to Opera table
Sent by:        public-wsc-wg-request@w3.org



· What user interface element is the TLS indicator defined in this 
specification. 
padlock in the address bar

· What user interface element is the identity signal defined in this 
specification. 
location bar with extra area on the right

· What broadly accepted practices are considered sufficient for a trust 
anchor to be deemed augmented assurance qualified (see 5.1.2 Augmented 
Assurance Certificates ), and what data elements are deemed assured by 
those certificates. [added ?what data elements?.]

Extended Validation is the only currently supported AA cert scheme.  These 
are recognized based on certificate policy identifiers coded in the 
certificate chain, and are only accepted if the Root certificate is 
associated with the same OID (digitally signed information about this 
association is downloaded regularly from an online repository). 

O= and C= are deemed assured by those certificates. 
II. To derive a human-readable subject name from an augmented assurance 
certificate, user agents  SHOULD use the Subject field's Organization (O) 
and Country (C) attributes. 
Conforms Advanced 
IIa (or III replacement) They MUST  use information that is subject to the 
certificate authority's additional assurances, as  documented in the user 
agent's conformance statement. 
Conforms Basic 

XXVI. This [Definition: identity signal ] MUST be part of primary user 
interface during usage modes which entail the presence of signaling to the 
user beyond only presenting page content (should -> must) 

Conforms Basic 

XXXI User agents with a visual user interface  MUST show the  Identity 
Signal in a consistent visual position. (should -> must) 

Conforms Basic 
XXXVIII ·  To inform the user about the party responsible for that 
information, the Issuer field's Organization attribute MUST be displayed 
in the Identity Signal, or in secondary user interface that is available 
through a consistent interaction with the Identity Signal. (or in 
secondary added) 
Conforms Basic (no change)
XLIV Where security context information is provided in both primary and 
secondary interface, the  meaning of the presented information MUST be 
consistent. Best practice will also avoid inconsistent presentation, such 
as using identical or semantically similar icons for different information 
in different places. (presentations moved out of must) 
Conforms Basic (no change)

(should)
XLIX ·  An explanation of the information represented by the TLS indicator 
 , e.g., concerning the presence mixed content; (was ?level?) 

Conforms Advanced (no change)

LX The [ Definition : TLS indicator]  MUST be part of primary user 
interface during usage modes which entail the presence of signaling to the 
user beyond only presenting page content (should -> must) 

Conforms Basic 



From:        Mary Ellen Zurko/Westford/IBM@Lotus
To:        public-wsc-wg@w3.org
Date:        02/19/2010 12:37 PM
Subject:        changes to Opera table
Sent by:        public-wsc-wg-request@w3.org



based on the meeting discussion and review of the table against Opera's 
more detailed notes (which I have also posted), I'm making the following 
changes to the Opera table:

XXX - Does Not Conform Basic
XXIX - Does Not Conform Basic
XVII - Conforms Basic
XVII - Conforms Basic
XXIII - Does Not Conform Advanced
CII - Conforms Advanced

I'll be uploading the updated table to the Implementation report area.
Yngve, Jan Vidar and Thomas (at least) should double check each of these 
to ensure they understand and agree.