- From: Serge Egelman <egelman@cs.cmu.edu>
- Date: Mon, 15 Oct 2007 15:51:36 -0400
- To: Ian Fette <ifette@google.com>
- CC: Web Security Context Working Group WG <public-wsc-wg@w3.org>
Uhhh, this is just about trust anchors (e.g. root certificates), not the other proposals. serge Ian Fette wrote: > Provided that it makes sense for the context. i.e. half of these > recommendations I think would be nightmarish on a mobile device if you > just take the desktop implementation and tried to use it with mobile. I > think consistency is good, but "making sense" on the native platform is > certainly going to have to be higher priority if we are to expect adoption. > > On 10/15/07, *Serge Egelman* <egelman@cs.cmu.edu > <mailto:egelman@cs.cmu.edu>> wrote: > > > I would certainly agree to this recommendation. > > serge > > Web Security Context Working Group Issue Tracker wrote: > > > > ISSUE-130 (Trust Anchors): Trust Anchor Consistency Across > Devices? [Techniques] > > > > http://www.w3.org/2006/WSC/track/issues/ > > > > Raised by: Luis Barriga > > On product: Techniques > > > > At the f2f meeting I mentioned one of the findings on > smart-phones: the pre-provisioned trust anchors in smartphones are > disjoint from the ones in desktop browsers. The opposite is valid too. > > > > As a result, users visiting the one site on a smartphone and on a > desktop browser will see TLS warnings that they has not seen > previously when visiting the same site. (Trust is temporary unavailable) > > > > Shall we add a Deployment Best Practice 8.x section on "Trust > Anchor Consistency across devices" that basically recommends browser > vendors, phone manufacturers etc to have a consistent set of > pre-provisioned trust anchors? > > > > > > > > > > > > > > > > -- > /* > Serge Egelman > > PhD Candidate > Vice President for External Affairs, Graduate Student Assembly > Carnegie Mellon University > > Legislative Concerns Chair > National Association of Graduate-Professional Students > */ > > -- /* Serge Egelman PhD Candidate Vice President for External Affairs, Graduate Student Assembly Carnegie Mellon University Legislative Concerns Chair National Association of Graduate-Professional Students */
Received on Monday, 15 October 2007 19:51:59 UTC