- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Fri, 28 Mar 2008 12:01:59 -0400
- To: "Thomas Roessler <tlr" <tlr@w3.org>
- Cc: public-wsc-wg@w3.org
Received on Friday, 28 March 2008 16:02:42 UTC
> I've updated the authoring practice in [1], [2] somewhat: [1] now What's a sensitive transaction? "Sensitive transactions also MUST be protected using the same level of protection." I don't know how to give examples of something that is sensitive, and something that isn't. Which seems important for understanding conformance to this one. What does "rely on" mean? "Web sites SHOULD NOT rely on mixed content, e.g., scripts or images served through plain HTTP connections when they control the appearance of a Web page served through TLS." Does it mean "don't do this" (don't author mixed content), or something else? grammer-o: "Web page MUST use direct links to a secure page rather than using redirects." Web pages.... typo? "Web Sites MUST NOT use unsafe redirection chains involving insecured HTTP connections " involving unsecured.... > 1. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#tls-consistency > 2. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#tls-redirect-nontls
Received on Friday, 28 March 2008 16:02:42 UTC