- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 7 Mar 2008 14:59:52 +0100
- To: WSC WG <public-wsc-wg@w3.org>
From a discussion with Mez on IRC, I've made some changes to the nomenclature in wsc-xit, around wsc-xit. - self-signed and validated certificates are now mutually exclusive; "pinning" a self-signed certificate to a destination does not cause it to be considered a validated certificate. While I was on it, I've reinstated the "don't conclude anything from assertions that come with a self-signed cert" clause that we seemed to have lost when merging Stephen's edit. - Where (like in the definition of strong and weak TLS) validated certificates were assumed to include self-signed certificates, that's now explicitly called out. It seems like this doesn't directly affect 6.1 (in fact, I suspect that the old state of the language had some unintended consequences there). It almost certainly affects the error handling section, which comes with a "big fat warning" note in the editor's draft, as it needs a more thorough rewrite. http://www.w3.org/2006/WSC/drafts/rec/ Web Security Context: Experience, Indicators, and Trust Editor's Draft 7 March 2008 $Revision: 1.184 $ $Date: 2008/03/07 13:55:37 $ Regards, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 7 March 2008 14:00:03 UTC