- From: Thomas Roessler <tlr@w3.org>
- Date: Sun, 19 Aug 2007 18:28:54 +0200
- To: WSC WG <public-wsc-wg@w3.org>
I've uploaded a somewhat revised version of the editor's draft to reflect last week's discussion of the PageInfoSummary part. @@Web Security Context@@ Editor's Draft $Date: 2007/08/19 16:24:11 $ http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#pageinfosummary The section is renamed "Additioal Security Context Information", there's some text about consistency between secondary and primary indicators, and I've dropped in material about certificate validation checks, and trust anchors (explaining why a certificate is trusted). The only text about cookies is phrased as an issue for further thought; I don't think we've got something conclusive there, given the broadness of mechanisms to keep state -- from Google Gears over Flash over Javascript to cookies. ISSUE-105. It also feels like we need a sentence or two somewhere that says that the content of certificates may not be trusted, and that untrusted and trusted certificate content MUST NOT be mixed when displayed to users. However, I'm uninspired where that should go, and have therefore put that question into ISSUE-104. Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Sunday, 19 August 2007 16:28:58 UTC