- From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Mon, 22 Feb 2010 23:07:42 +0000 (GMT)
- To: public-wsc-wg@w3.org
ISSUE-237: Augmented Assurance Certificate Elements [wsc-xit] http://www.w3.org/2006/WSC/track/issues/237 Raised by: Thomas Roessler On product: wsc-xit During CR, it was observed that: - implementations commonly display O and CN - if O is not present, extended validation certificates are still recognized (against conformance claim III), and CN is displayed Proposed: - to augment the conformance claim by a statement that identifies "What broadly accepted practices are considered sufficient for a trust anchor to be deemed augmented assurance qualified (see 5.1.2 Augmented Assurance Certificates), and what data elements are deemed assured by those certificates." - to change conformance claims II and III into the following: "To derive a human-readable subject name from an augmented assurance certificate, user agents SHOULD use the Subject field's Organization (O) and Country (CN) attributes. They MUST use information that is subject to the certificate authority's additional assurances, as documented in the user agent's conformance statement." (#II and #IIa in the latest editor's draft)
Received on Monday, 22 February 2010 23:07:44 UTC