- From: Johnathan Nightingale <johnath@mozilla.com>
- Date: Mon, 7 Jan 2008 10:10:30 -0500
- To: Web Security Context Working Group WG <public-wsc-wg@w3.org>
This was actually raised by me. Missed the combo box. I've updated the issue. Cheers, J On 7-Jan-08, at 9:53 AM, Web Security Context Working Group Issue Tracker wrote: > > > ISSUE-169: Section 5.5.3 creates a burden on browsers to remember > past certificates > > http://www.w3.org/2006/WSC/track/issues/ > > Raised by: Sunil Agrawal > On product: > > As I understand it, this section creates an inescapable obligation > on user agents to store certificate history. Aside from the > challenge that no major browser currently does this (as far as I > know), this creates privacy and implementation concerns around data > retention. We don't say how long this information must be kept, but > we say the browser MUST treat it as a change of security level, > which does not seem to leave open the possibility of not storing it. > > > --- Johnathan Nightingale Human Shield johnath@mozilla.com
Received on Monday, 7 January 2008 15:10:43 UTC