- From: Mary Ellen Zurko <mzurko@us.ibm.com>
- Date: Fri, 26 Feb 2010 10:31:17 -0500
- To: ifette@google.com
- Cc: public-wsc-wg@w3.org
- Message-ID: <OFDB21501B.B7438D74-ON852576D6.0054A090-852576D6.00551D33@LocalDomain>
· What user interface element is the TLS indicator defined in this
specification.
The padlock in the address bar
· What user interface element is the identity signal defined in this
specification.
The location bar with the extra indicator information.
· What broadly accepted practices are considered sufficient for a trust
anchor to be deemed augmented assurance qualified (see 5.1.2 Augmented
Assurance Certificates ), and what data elements are deemed assured by
those certificates. [added ?what data elements?.]
WebTrust EV audit, in accordance with CA/B Forum EV guidelines.
O= and C= are deemed assured by those certificates.
II. To derive a human-readable subject name from an augmented assurance
certificate, user agents SHOULD use the Subject field's Organization (O)
and Country (C) attributes.
Conforms Advanced
IIa (or III replacement) They MUST use information that is subject to the
certificate authority's additional assurances, as documented in the user
agent's conformance statement.
Conforms Basic
XXVI. This [Definition: identity signal ] MUST be part of primary user
interface during usage modes which entail the presence of signaling to the
user beyond only presenting page content (should -> must)
Conforms Basic
XXXI User agents with a visual user interface MUST show the Identity
Signal in a consistent visual position. (should -> must)
Conforms Basic
XXXVIII · To inform the user about the party responsible for that
information, the Issuer field's Organization attribute MUST be displayed
in the Identity Signal, or in secondary user interface that is available
through a consistent interaction with the Identity Signal. (or in
secondary added)
Conforms Basic
XLIV Where security context information is provided in both primary and
secondary interface, the meaning of the presented information MUST be
consistent. Best practice will also avoid inconsistent presentation, such
as using identical or semantically similar icons for different information
in different places. (presentations moved out of must)
Conforms Basic (no change)
(should)
XLIX · An explanation of the information represented by the TLS
indicator , e.g., concerning the presence mixed content; (was ?level?)
Conforms Advanced (no change)
LX The [ Definition : TLS indicator ] MUST be part of primary user
interface during usage modes which entail the presence of signaling to the
user beyond only presenting page content (should -> must)
Conforms Basic
From: Mary Ellen Zurko/Westford/IBM@Lotus
To: public-wsc-wg@w3.org
Date: 02/19/2010 03:16 PM
Subject: updates to Google Chrome Implementation report
Sent by: public-wsc-wg-request@w3.org
I've made the following changes, based on our last meeting, and on the
discussions Thomas and I had today:
XLIII - Conforms Basic (redundant)
XLIV - Conforms Basic
XXIX - Does Not Conform Basic
XXX - Does Not Conform Basic
XXXVI - Conforms Basic
LXXVIII - Conforms Basic
XCVII - Conforms Basic
and a bit of cleanup
Ian and Thomas, at the very least, should verify they understand and agree
with each of these. I'll upload the changed Implemenation report.
Mez
Received on Friday, 26 February 2010 15:30:20 UTC