- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Sun, 16 Dec 2007 19:08:36 +0000
- To: Dan Schutzer <dan.schutzer@fstc.org>
- CC: "'Doyle, Bill'" <wdoyle@mitre.org>, public-wsc-wg@w3.org
Sounds like a potential rathole to me, S. Dan Schutzer wrote: > I agree we should have section on trust with trust defined > > > > ------------------------------------------------------------------------ > > *From:* public-wsc-wg-request@w3.org > [mailto:public-wsc-wg-request@w3.org] *On Behalf Of *Doyle, Bill > *Sent:* Friday, December 14, 2007 2:54 PM > *To:* public-wsc-wg@w3.org > *Subject:* ACTION-318: Draft a new subsection to section 7 discussing > the mixing of trusted/untrusted information in the UI > > > > First - In order to draft this section I believe that WSC needs to > define trust. I looked around a bit - did not see anything. > > > > Second - Once we have trust defined - what attributes of a HTTPs > session are considered trusted and available to be used in a secure > section of UI? > > > > From what I can tell the only attributes that can be trusted in a > standard X.509 cert is CA related attributes. A user review of a > standard X.509 certs is required in order to be able to "trust" it. > > > > Cheers > > > > Bill D. > > wdoyle@mitre.org <mailto:wdoyle@mitre.org> > > > > > > >> >>
Received on Sunday, 16 December 2007 19:09:24 UTC