- From: Thomas Roessler <tlr@w3.org>
- Date: Sun, 2 Sep 2007 10:15:58 +0200
- To: stephen.farrell@cs.tcd.ie
- Cc: public-wsc-wg@w3.org
On 2007-08-29 15:52:11 +0000, Web Security Context Working Group Issue Tracker wrote: > ISSUE-106 (cert/URL matching): We need to define details of > cert/URL matching [Techniques] > http://www.w3.org/2006/WSC/track/issues/ > Raised by: Stephen Farrell > On product: Techniques > If we are react to certs that don't match a URL then we need a > well defined matching rule So, we say that "if cert doesn't match, blah blah, then..." -- for that, the rules in RFC 2818 (https) combined with RFC 3280 (pkix) would seem to be sufficient. Are you suggesting that we just reference these two documents, or do you have something deeper in mind? Thanks, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Sunday, 2 September 2007 08:16:00 UTC