ACTION 717: propose some alternate text for HTTPs rewrite and "must provide the option to avoid transformation" from Martin Jones on 2008-03-25 (public-bpwg-ct@w3.org from March 2008)

From: Martin Jones <martinj@volantis.com>
Date: Tue, 25 Mar 2008 07:29:56 -0600 (MDT)
To: <public-bpwg-ct@w3.org>
Message-ID: <A77FD37475084B6685FF15BD2ED94FD6@volantisuk>

Here's my proposed change:

 

Current Text (in section 3.4):  

If the proxy rewrites such links, it must advise the end user of the
security implications of doing so and must provide the option to avoid
transformation of the resources the links refer to.

 

Proposed text:

If the proxy rewrites such links, it must advise the end user of the
security implications of doing so and must provide the option to avoid
decryption and transformation of the resources the links refer to.

 

I think this makes it clearer that it is not allowed under these
conditions for the proxy to break the end-to-end security even if it does
not transform the content.

__

Martin

Received on Tuesday, 25 March 2008 13:30:50 UTC