- From: Francois Daoust <fd@w3.org>
- Date: Tue, 28 Oct 2008 15:38:20 +0100
- To: public-mobileok-checker <public-mobileok-checker@w3.org>
Hi guys, We resolved to move forward the mobileOK Basic Tests 1.0 specification without the change on the mobileOK Checker, but that doesn't mean we should not implement the change... The new section to implement is: http://www.w3.org/2005/MWI/BPWG/Group/Drafts/mobileOK-Basic-1.0-Tests/081018#https 1/ arbitrary root certificates should not trigger any error. Actually, I wonder if the recursive search for self-signed certificates we already have is not enough. I think it is. 2/ the certificate should be checked against the host name of the requested URI and return an HTTPS-1 FAIL message if both don't match. AFAICT, this is simply not done or at least not caught. I'm not sure what's the easiest way to do that. 3/ HTTPS-2 and HTTPS-3 messages are to replace HTTP_RESPONSE-2 and HTTP_RESPONSE-3. OK, this one should be easy ;-) Anyone willing to move this forward? Francois.
Received on Tuesday, 28 October 2008 14:38:54 UTC