- From: Close, Tyler J. <tyler.close@hp.com>
- Date: Tue, 4 Mar 2008 23:56:23 +0000
- To: Johnathan Nightingale <johnath@mozilla.com>
- CC: W3C WSC W3C WSC Public <public-wsc-wg@w3.org>
Hi Johnathan, How does the GUI for adding a trusted certificate deal with certificates that claim to represent multiple hostnames via subjectAltNames, or via a wildcard? Is there an API accessible to addons for adding such trusted certificates? If so, could you provide a pointer? Thanks, --Tyler > -----Original Message----- > From: public-wsc-wg-request@w3.org > [mailto:public-wsc-wg-request@w3.org] On Behalf Of Johnathan > Nightingale > Sent: Friday, February 29, 2008 12:00 PM > To: W3C WSC W3C WSC Public > Subject: Re: ACTION-401: Larry as Lo-Fi prototype for 6.1.1 > > Incidentally, I think this works as a prototype for 6.1.2 as well: > > > Information displayed in the identity signal MUST be derived from > > attested certificates, from user agent state, or be otherwise > > authenticated. Web user agents MUST NOT use information as part of > > the [[identity signal]] that is taken from unauthenticated or > > untrusted sources. > > Yep. In the case of a site with an unattested, but explicitly trusted > by the user, certificate, Larry looks like this: > >
Received on Tuesday, 4 March 2008 23:57:32 UTC