- From: Dan Schutzer <dan.schutzer@fstc.org>
- Date: Fri, 14 Dec 2007 15:06:59 -0500
- To: "'Doyle, Bill'" <wdoyle@mitre.org>, <public-wsc-wg@w3.org>
Received on Friday, 14 December 2007 20:07:26 UTC
I agree we should have section on trust with trust defined _____ From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Doyle, Bill Sent: Friday, December 14, 2007 2:54 PM To: public-wsc-wg@w3.org Subject: ACTION-318: Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI First - In order to draft this section I believe that WSC needs to define trust. I looked around a bit - did not see anything. Second - Once we have trust defined - what attributes of a HTTPs session are considered trusted and available to be used in a secure section of UI? >From what I can tell the only attributes that can be trusted in a standard X.509 cert is CA related attributes. A user review of a standard X.509 certs is required in order to be able to "trust" it. Cheers Bill D. wdoyle@mitre.org
Received on Friday, 14 December 2007 20:07:26 UTC