- From: Thomas Roessler <tlr@w3.org>
- Date: Sun, 16 Dec 2007 20:15:58 +0100
- To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Cc: Dan Schutzer <dan.schutzer@fstc.org>, "'Doyle, Bill'" <wdoyle@mitre.org>, public-wsc-wg@w3.org
On 2007-12-16 19:08:36 +0000, Stephen Farrell wrote: > Sounds like a potential rathole to me, > S. +1 -- Thomas Roessler, W3C <tlr@w3.org> > Dan Schutzer wrote: > > I agree we should have section on trust with trust defined > > > > > > > > ------------------------------------------------------------------------ > > > > *From:* public-wsc-wg-request@w3.org > > [mailto:public-wsc-wg-request@w3.org] *On Behalf Of *Doyle, Bill > > *Sent:* Friday, December 14, 2007 2:54 PM > > *To:* public-wsc-wg@w3.org > > *Subject:* ACTION-318: Draft a new subsection to section 7 discussing > > the mixing of trusted/untrusted information in the UI > > > > > > > > First - In order to draft this section I believe that WSC needs to > > define trust. I looked around a bit - did not see anything. > > > > > > > > Second - Once we have trust defined - what attributes of a HTTPs > > session are considered trusted and available to be used in a secure > > section of UI? > > > > > > > > From what I can tell the only attributes that can be trusted in a > > standard X.509 cert is CA related attributes. A user review of a > > standard X.509 certs is required in order to be able to "trust" it. > > > > > > > > Cheers > > > > > > > > Bill D. > > > > wdoyle@mitre.org <mailto:wdoyle@mitre.org> > > > > > > > > > > > > > >> > >> > >
Received on Sunday, 16 December 2007 19:16:14 UTC