Re: Nomenclature fixes around self-signed certificates

On 2008-03-07 10:21:24 -0500, Mary Ellen Zurko wrote:

> In the context of the rewrite, I've got problems with this: A
> certificate that is [Definition: pinned] to a destination will be
> treated similar (but not identical) to a validated certificate in
> interactions defined elsewhere in this specification.

> Since it seems to contradict the spirit of the differentiation, and I just 
> find it confusing, vague, and uninformative. There are two fixes I can 
> think of.

> 1) If the spec is clear on the similarities and differences throughout, 
> just remove the line.

It will eventually be, but isn't yet.  Also, without that line, it
doesn't become clear at all what the "pinning" is supposed to
achieve.  So I'd rather keep it as an explanation.

> 2) if it's not, replace or augment the line with what they are. 

I'd be happy to include some examples once the differences are
hammered out.  I wouldn't want to repeat the entire material from
elsewhere here.

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Friday, 7 March 2008 15:24:52 UTC