- From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Mon, 15 Oct 2007 15:26:43 +0000 (GMT)
- To: public-wsc-wg@w3.org
ISSUE-130 (Trust Anchors): Trust Anchor Consistency Across Devices? [Techniques] http://www.w3.org/2006/WSC/track/issues/ Raised by: Luis Barriga On product: Techniques At the f2f meeting I mentioned one of the findings on smart-phones: the pre-provisioned trust anchors in smartphones are disjoint from the ones in desktop browsers. The opposite is valid too. As a result, users visiting the one site on a smartphone and on a desktop browser will see TLS warnings that they has not seen previously when visiting the same site. (Trust is temporary unavailable) Shall we add a Deployment Best Practice 8.x section on "Trust Anchor Consistency across devices" that basically recommends browser vendors, phone manufacturers etc to have a consistent set of pre-provisioned trust anchors?
Received on Monday, 15 October 2007 15:26:53 UTC