W3C home > Mailing lists > Public > public-wsc-wg@w3.org > December 2007

ACTION-318: Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI

From: Doyle, Bill <wdoyle@mitre.org>
Date: Fri, 14 Dec 2007 14:54:21 -0500
Message-ID: <518C60F36D5DBC489E91563736BA4B5801CBA0C1@IMCSRV5.MITRE.ORG>
To: <public-wsc-wg@w3.org>
First - In order to draft this section I believe that WSC needs to
define trust. I looked around a bit - did not see anything.
Second - Once we have trust defined - what attributes of a HTTPs
session are considered trusted and available to be used in a secure
section of UI?
>From what I can tell the only attributes that can be trusted in a
standard X.509 cert is CA related attributes. A user review of a
standard X.509 certs is required in order to be able to "trust" it.
Bill D.


Received on Friday, 14 December 2007 19:54:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:36:51 UTC