- From: Luis Barriga <luis.barriga@ericsson.com>
- Date: Wed, 31 Oct 2007 16:55:46 +0100
- To: <public-wsc-wg@w3.org>
Here is a summary of the discussions
Issues:
- Disjoint browsers' trust anchors in across devices
- Non TLS-consistency mobile and desktop versions of the same web site
Possible reasons
- Memory limitatios in handled devices
- Policy made by whoeever decide on trust anchors
- Regional policies - some CA's are better trusted in some countries
Discussed so far
- Common set of anchors is a panacea
- Most agree that recommendation makes sense but not normative
- Need to agree what the recommendation would be and for whom
Proposal for recommendation
For Web Owners
- Ensure that cert is signed by CA with wide coverage (?)
- TLS consistency across handled and desktop versions
For standards org
- Need for a protocol to manage trust anchors. Could be IETF, XKMS ....
For Handled vendors
- Allow adding trust-anchor online
- ???
________________________________
From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
On Behalf Of Mary Ellen Zurko
Sent: den 31 oktober 2007 16:33
To: public-wsc-wg@w3.org
Subject: RE: ISSUE-130 (Trust Anchors): Trust Anchor Consistency Across
Devices? [Techniques]
As we discussed in the meeting today, we're looking for draft proposals
on what to do with this issue. We weren't able to come up with any on
this one. If no one sends any out within a week, we'll close this issue
down. Thanks.
Mez
Received on Wednesday, 31 October 2007 15:55:55 UTC