- From: Thomas Roessler <tlr@w3.org>
- Date: Tue, 4 Mar 2008 02:17:34 +0100
- To: WSC WG <public-wsc-wg@w3.org>
Per ACTION-388, I've tried to capture the face-to-face meeting's discussion about self-signed certificates. While I was on it, I've also done some clean-up on the section on validated certificates, and shuffled a bit of text around. Web Security Context: Experience, Indicators, and Trust Editor's Draft 4 March 2008 $Revision: 1.175 $ $Date: 2008/03/04 01:15:49 $ http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#sec-trusted-certificates http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#selfsignedcerts I've thrown away the old "proven" language (which a lot of people didn't seem to like at the face-to-face), and am instead speaking of "pinning" a self-signed certificate to a site. That seemed closer to the language we used to actually discuss and explain the notion. Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Tuesday, 4 March 2008 01:17:44 UTC