- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 28 Mar 2008 17:13:40 +0100
- To: Mary Ellen Zurko/Westford/IBM <Mary_Ellen_Zurko@notesdev.ibm.com>
- Cc: public-wsc-wg@w3.org
On 2008-03-28 12:01:59 -0400, Mary Ellen Zurko/Westford/IBM wrote: > "Sensitive transactions also MUST be protected using the same level of > protection." > I don't know how to give examples of something that is sensitive, and > something that isn't. Which seems important for understanding conformance > to this one. I don't know who contributed this text and have no strong opinion about it. > What does "rely on" mean? > "Web sites SHOULD NOT rely on mixed content, e.g., scripts or images > served through plain HTTP connections when they control the appearance of > a Web page served through TLS." > Does it mean "don't do this" (don't author mixed content), or something > else? mostly "don't do this" -- changed to "SHOULD NOT serve.." > grammer-o: > "Web page MUST use direct links to a secure page rather than using > redirects." > Web pages.... fixed > typo? > "Web Sites MUST NOT use unsafe redirection chains involving insecured HTTP > connections " > involving unsecured.... indeed -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 28 March 2008 16:14:16 UTC