$)CRe: updates to Google Chrome Implementation report from $)CMary Ellen Zurko on 2010-03-09 (public-wsc-wg@w3.org from March 2010)

From: $)CMary Ellen Zurko <mzurko@us.ibm.com>
Date: Tue, 9 Mar 2010 17:17:39 -0500
To: $)Cifette@google.com
Cc: $)CWan-Teh Chang <wtc@google.com>,public-wsc-wg@w3.org
Message-ID: <OF573C9C99.718D2DF3-ON852576E1.007A4470-852576E1.007A5059@LocalDomain>
$)Ctx Ian. That means we have no need of a meeting tomorrow. 


          Mez





From:   Ian Fette (+$+"+s+U+'+C+F+#) <ifette@google.com>
To:     Mary Ellen Zurko/Westford/IBM@Lotus, Wan-Teh Chang 
<wtc@google.com>
Cc:     public-wsc-wg@w3.org
Date:   03/09/2010 04:42 PM
Subject:        Re: updates to Google Chrome Implementation report



There was a question about what SSL cipher suites we support. To answer 
that:

On windows, we share system wide SSL settings for supported cipher suites, 
that are typically set via group policy (gpedit.msc -> administrative 
templates -> network -> ssl configuration settings). We explicitly disable 
sslv2 and md4. We will soon be changing this to match our behaviour on 
Linux, which is to enable only cipher suites with keys of at least 80 
bits. We don't currently have checks on the size of public keys or RSA 
moduli, but if people have suggestions would be open to hearing them.

We don't have anything we accept but consider "weak".

Adding in WTC in case I misspoke anywhere.

Am 2. Marz 2010 17:35 schrieb Ian Fette (+$+"+s+U+'+C+F+#) <
ifette@google.com>:
This looks correct. Thanks Mez.

Am 26. Februar 2010 07:31 schrieb Mary Ellen Zurko <mzurko@us.ibm.com>:

!$ What user interface element is the TLS indicator defined in this 
specification. 
The padlock in the address bar

!$ What user interface element is the identity signal defined in this 
specification. 
The location bar with the extra indicator information. 

!$ What broadly accepted practices are considered sufficient for a trust 
anchor to be deemed augmented assurance qualified (see 5.1.2 Augmented 
Assurance Certificates ), and what data elements are deemed assured by 
those certificates. [added !0what data elements!1.]
WebTrust EV audit, in accordance with CA/B Forum EV guidelines. 
O= and C= are deemed assured by those certificates. 
II. To derive a human-readable subject name from an augmented assurance 
certificate, user agents  SHOULD use the Subject field's Organization (O) 
 and Country (C) attributes. 
Conforms Advanced
IIa (or III replacement) They MUST  use information that is subject to the 
certificate authority's additional assurances, as  documented in the user 
agent's conformance statement. 
Conforms Basic

XXVI. This [Definition: identity signal ] MUST be part of primary user 
interface during usage modes which entail the presence of signaling to the 
user beyond only presenting page content (should -> must) 

Conforms Basic

XXXI User agents with a visual user interface  MUST show the  Identity 
Signal in a consistent visual position. (should -> must) 

Conforms Basic
XXXVIII !$  To inform the user about the party responsible for that 
 information, the Issuer field's Organization attribute MUST be displayed 
in the Identity Signal, or in secondary user interface that is available 
through a consistent interaction with the Identity Signal. (or in 
secondary added) 
Conforms Basic
XLIV Where security context information is provided in both primary and 
secondary interface, the  meaning of the presented information MUST be 
consistent. Best practice will also avoid inconsistent presentation, such 
as using identical or semantically similar icons for different information 
in different places. (presentations moved out of must) 
Conforms Basic(no change) 

(should)
XLIX !$  An explanation of the information represented by the TLS indicator 
 , e.g., concerning the presence mixed content; (was !0level!1) 

Conforms Advanced(no change)

LX The [ Definition : TLS indicator]  MUST be part of primary user 
interface during usage modes which entail the presence of signaling to the 
user beyond only presenting page content (should -> must) 

Conforms Basic



From:        Mary Ellen Zurko/Westford/IBM@Lotus
To:        public-wsc-wg@w3.org
Date:        02/19/2010 03:16 PM
Subject:        updates to Google Chrome Implementation report
Sent by:        public-wsc-wg-request@w3.org




I've made the following changes, based on our last meeting, and on the 
discussions Thomas and I had today: 

XLIII - Conforms Basic(redundant)
XLIV - Conforms Basic
XXIX - Does Not Conform Basic 
XXX - Does Not Conform Basic 
XXXVI - Conforms Basic
LXXVIII - Conforms Basic
XCVII - Conforms Basic

and a bit of cleanup

Ian and Thomas, at the very least, should verify they understand and agree 
with each of these. I'll upload the changed Implemenation report. 

         Mez





$)C
Received on Tuesday, 9 March 2010 22:16:34 UTC