ISSUE-190 (relaxedpathvalidation): Relaxed Path Validation - optional, recommended? [wsc-xit] from Web Security Context Working Group Issue Tracker on 2008-04-16 (public-wsc-wg@w3.org from April 2008)

From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Wed, 16 Apr 2008 16:11:26 +0000 (GMT)
To: public-wsc-wg@w3.org
Message-Id: <20080416161126.8BAB06B62D@kent.w3.org>

ISSUE-190 (relaxedpathvalidation): Relaxed Path Validation - optional, recommended? [wsc-xit]

http://www.w3.org/2006/WSC/track/issues/

Raised by: Ian Fette
On product: wsc-xit

This blocks on ACTION-416

It seems bad to have different browsers doing different things for the same site, specifically regarding whether SSL errors are displayed or not. I think we need to be consistent in whether we tell people to use relaxed path validation for normal (non-AA) certs or not. I.e. we should specify whether by default, relaaxed path validation should be used, or whether it's just an option that we expect 0.0001% of users to enable.

Received on Wednesday, 16 April 2008 16:12:01 UTC