W3C home > Mailing lists > Public > public-bpwg@w3.org > January 2009

Re: ACTION-893: Start putting together a set of guidelines that could help address the security issues triggered by links rewriting.

From: Tom Hume <Tom.Hume@futureplatforms.com>
Date: Sun, 18 Jan 2009 11:40:35 +0000
Message-Id: <4F33174D-AC4E-4C1F-B919-6F6C46BD15CA@futureplatforms.com>
To: Mobile Web Best Practices Working Group WG <public-bpwg@w3.org>


On 18 Jan 2009, at 10:07, Luca Passani wrote:

> > In effect, there could be an unavoidable two-tier Web: pre-CT and  
> post-CT.
> this sounds a bit like BC and AC in the history of the web. A bit  
> too ambitious for a group which is not in the position to create new  
> technology don't you think?

+1. Unless I misunderstand the remit of CTG, this isn't a way forwards.

> Finally, the W3C legal counsel already thinks that HTTPS cannot be  
> broken legally the way transcoders do it: why isn't this the final  
> word on this crazy HTTPS link re-writing discussion?

Which legal advice are you referring to here Luca? If it's the one  
that Jo originally posted, and that you and I debated on wapreview.com  
then, then this advice wasn't sought in connection with HTTPS but with  
transformation in general. You may choose to infer a link between the  
two, but we should probably leave such inferences for someone legally  
qualified.

However, if there's concern re a legal issue here (and the manual  
whitelisting of banking sites by some operators to prevent transcoding  
would seem to indicate that there are concerns), then could I suggest  
we do get a legal opinion on it?

--
Future Platforms Ltd
e: Tom.Hume@futureplatforms.com
t: +44 (0) 1273 819038
m: +44 (0) 7971 781422
company: www.futureplatforms.com
personal: tomhume.org
Received on Sunday, 18 January 2009 11:41:15 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:08:58 UTC