- From: Mary Ellen Zurko <mzurko@us.ibm.com>
- Date: Fri, 26 Feb 2010 10:21:01 -0500
- To: yngve@opera.com
- Cc: public-wsc-wg@w3.org,janv@opera.com
- Message-ID: <OF398CB451.56F50EC1-ON852576D6.00537A53-852576D6.00542C91@LocalDomain>
· What user interface element is the TLS indicator defined in this specification. padlock in the address bar · What user interface element is the identity signal defined in this specification. location bar with extra area on the right · What broadly accepted practices are considered sufficient for a trust anchor to be deemed augmented assurance qualified (see 5.1.2 Augmented Assurance Certificates ), and what data elements are deemed assured by those certificates. [added ?what data elements?.] Extended Validation is the only currently supported AA cert scheme. These are recognized based on certificate policy identifiers coded in the certificate chain, and are only accepted if the Root certificate is associated with the same OID (digitally signed information about this association is downloaded regularly from an online repository). O= and C= are deemed assured by those certificates. II. To derive a human-readable subject name from an augmented assurance certificate, user agents SHOULD use the Subject field's Organization (O) and Country (C) attributes. Conforms Advanced IIa (or III replacement) They MUST use information that is subject to the certificate authority's additional assurances, as documented in the user agent's conformance statement. Conforms Basic XXVI. This [Definition: identity signal ] MUST be part of primary user interface during usage modes which entail the presence of signaling to the user beyond only presenting page content (should -> must) Conforms Basic XXXI User agents with a visual user interface MUST show the Identity Signal in a consistent visual position. (should -> must) Conforms Basic XXXVIII · To inform the user about the party responsible for that information, the Issuer field's Organization attribute MUST be displayed in the Identity Signal, or in secondary user interface that is available through a consistent interaction with the Identity Signal. (or in secondary added) Conforms Basic (no change) XLIV Where security context information is provided in both primary and secondary interface, the meaning of the presented information MUST be consistent. Best practice will also avoid inconsistent presentation, such as using identical or semantically similar icons for different information in different places. (presentations moved out of must) Conforms Basic (no change) (should) XLIX · An explanation of the information represented by the TLS indicator , e.g., concerning the presence mixed content; (was ?level?) Conforms Advanced (no change) LX The [ Definition : TLS indicator ] MUST be part of primary user interface during usage modes which entail the presence of signaling to the user beyond only presenting page content (should -> must) Conforms Basic From: Mary Ellen Zurko/Westford/IBM@Lotus To: public-wsc-wg@w3.org Date: 02/19/2010 12:37 PM Subject: changes to Opera table Sent by: public-wsc-wg-request@w3.org based on the meeting discussion and review of the table against Opera's more detailed notes (which I have also posted), I'm making the following changes to the Opera table: XXX - Does Not Conform Basic XXIX - Does Not Conform Basic XVII - Conforms Basic XVII - Conforms Basic XXIII - Does Not Conform Advanced CII - Conforms Advanced I'll be uploading the updated table to the Implementation report area. Yngve, Jan Vidar and Thomas (at least) should double check each of these to ensure they understand and agree.
Received on Friday, 26 February 2010 15:20:04 UTC