ISSUE-104

Some information in certificates is not trustworthy

State:
CLOSED
Product:
wsc-xit
Raised by:
Thomas Roessler
Opened on:
2007-08-19
Description:
It feels like we need a sentence or two somewhere that says
that the content of certificates may not be trusted, and that
untrusted and trusted certificate content MUST NOT be mixed when
displayed to users.  Some of that is in the last sentence of 4.3.7
[1], but I don't think it's even near enough.

However, I'm unsure where that should go -- it fits the "don't
conflate content and security context" theme in 7.1 [2], and could
live in a section 7.2, it could go into the TLS related section, or
it could go into chapter 4.  Opinions welcome.

1. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#sec-trusted-certificates
2. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#site-identifying
Related Actions Items:
Related emails:
  1. ISSUE-104 Some information in certificates is not trustworthy (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-03-21)
  2. Re: Agenda: WSC WG weekly 2008-03-19 (from johnath@mozilla.com on 2008-03-19)
  3. Re: Agenda: WSC WG weekly 2008-03-19 (from janv@opera.com on 2008-03-19)
  4. Agenda: WSC WG weekly 2008-03-19 (from tlr@w3.org on 2008-03-19)
  5. RE: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from hlockhar@bea.com on 2008-03-05)
  6. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from egelman@cs.cmu.edu on 2008-03-04)
  7. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from ifette@google.com on 2008-03-04)
  8. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from Anil.Saldhana@redhat.com on 2008-03-04)
  9. RE: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from hlockhar@bea.com on 2008-03-04)
  10. RE: Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from dan.schutzer@fstc.org on 2008-03-04)
  11. Agenda: WSC WG distributed meeting, Wednesday, 2008-03-05 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-03-04)
  12. Meeting record: WSC WG f2f 2007-11-06 (from tlr@w3.org on 2007-11-21)
  13. Draft minutes: WSC WG 2007-11-06 (from tlr@w3.org on 2007-11-17)
  14. RE: ACTION-318: Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-11-14)
  15. Meeting record: WSC WG f2f 2007-10-03 (from tlr@w3.org on 2007-10-25)
  16. Draft Minutes: WSC WG face-to-face 2007-10-03 (from tlr@w3.org on 2007-10-10)
  17. Re: Draft Minutes: WSC WG face-to-face 2007-10-03 (from ifette@google.com on 2007-10-09)
  18. Updated editor's draft: PageInfoSummary (ACTION-281) (from tlr@w3.org on 2007-08-19)
  19. ISSUE-104: Some information in certificates is not trustworthy [Techniques] (from sysbot+tracker@w3.org on 2007-08-19)

Related notes:

2007-10-03 00:00:00: Related to ISSUE-109 [Mary Ellen Zurko]

Display change log.

Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org >, Staff Contact
Tracker, originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.181 2008/07/24 08:03:39 dom Exp $