- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Fri, 09 May 2008 14:34:06 +0100
- To: Johnathan Nightingale <johnath@mozilla.com>
- CC: Thomas Roessler <tlr@w3.org>, W3C WSC W3C WSC Public <public-wsc-wg@w3.org>
Johnathan Nightingale wrote: > > Hey Thomas, > > The text below was proposed by me, and is in the document, and is > probably enough to close the issue. But in side conversations with Mez, > I ruminated over the fact that it's not clear to me whether this > renders, e.g., Firefox 3 non-compliant. I *think* we'd be fine, because > this line seems to carry the day: > >>> The requirements in this section do not require user agents to >>> store information about past interactions longer than they >>> otherwise would. > > But the thing is, we DO store plenty of information about past > interactions: browsing history, bookmarks, saved passwords, cookies, as > examples. But we do NOT store historical TLS information. I *think* > that's still okay, ... Have to say that that interpretation didn't occur to me at all, so I guess, like Thomas, I'd rather that whatever do write down implies that UAs are to store historical TLS info. While I can see why an implementer might not be overjoyed with that change, I don't think that we should limit ourselves to producing a REC with which current UAs are already compliant. S.
Received on Friday, 9 May 2008 13:35:32 UTC