ISSUE-208

human readable names

Add security consideration for "human readable" names - e.g. petnames

State:
CLOSED
Product:
wsc-xit
Raised by:
Johnathan Nightingale
Opened on:
2008-05-14
Description:
9.4 Binding "human readable" names to domains

Several recommendations in this document concern themselves with the binding between domain names and certificates, but equally important for users is the binding between domain name/certificate and the actual real-world entity involved in the transaction. It is helpful, for example, to know not only that example.com presents a valid certificate, but also that it is the "Example Inc., Norway" with whom the user expects to be interacting. In the case of AA certificates, the identity information provided may be considered sufficient for this purpose, but non-AA validated certificates do not necessarily provide this real-world identity. User agents that wish to provide a mechanism for users to manually establish these linkages are advised to consider the Petnames [definition] approach described in [link to 5.1.6].
Related Actions Items:
Related emails:
  1. wsc-xit issues clean-up (from tlr@w3.org on 2008-08-21)
  2. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-06-18 (from egelman@cs.cmu.edu on 2008-06-18)
  3. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-06-18 (from ifette@google.com on 2008-06-17)
  4. Agenda: WSC WG distributed meeting, Wednesday, 2008-06-18 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-06-17)
  5. Meeting record: 2008-05-14 (from tlr@w3.org on 2008-06-06)
  6. WSC Open Action Items (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-06-06)
  7. WSC Open Action Items (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-05-30)
  8. WSC Open Action Items (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-05-16)
  9. ISSUE-208 (human readable names): Add security consideration for 'human readable' names - e.g. petnames [wsc-xit] (from sysbot+tracker@w3.org on 2008-05-14)

Related notes:

No additional notes.

Display change log ATOM feed

Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org>, Staff Contact
Tracker (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 208.html,v 1.1 2010/10/11 09:35:12 dom Exp $