- From: Thomas Roessler <tlr@w3.org>
- Date: Mon, 22 Dec 2008 15:34:39 +0100
- To: WSC WG <public-wsc-wg@w3.org>
In LC-2093 [1], a comment is made that we're discriminating against possible future versions of augmented assurance certificates since we have a MSUT concerning the O attribute. The resolution in our call on 8 October [2] was to add a note that explains that there is actually an extension point here, in that a user agent that has special behavior for some kind of future EV certificate issued to individuals (and without an O attribute) would still be compliant. I propose the following change to the text: In the end of [3], let's append this paragraph: > Note: Should certificates arise in the future that provide strong > assurance of the holder's identity, but do not include an > organization attribute, then user agents can make use of the > additional assurance level and identity information without > violating this specification. Such future certificates could, for > example, include high assurance certificates for individuals. This is not yet in the editor's draft. 1. http://www.w3.org/2006/02/lc-comments-tracker/39814/WD-wsc-ui-20080724/2093 2. http://www.w3.org/2008/10/08-wsc-minutes.html 3. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#sec-evcert -- Thomas Roessler, W3C <tlr@w3.org>
Received on Monday, 22 December 2008 14:34:50 UTC