WSC implementation report Jan 2010 for Opera 10.10 Desktop

* 1. The version is Opera 10.10

  * 2. Even though we currently do not do a hard stop on expired or  non-matching certificates, I think we could be considered mostly Basic 
compliant. One could posibly make the argument that with 10.50 we are  almost where Firefox is with respect to these, and in 10.10 the warnings 
block the user's activity in the affected tab. Both we and FF allow the  user to continue, and to remember the decision, but it still requires that 
the user use 1 or 3 clicks, respecitively to do that in Opera, and some  more in FF. It may be an interpretation question whether these are  warnings or danger errors.

   For the advanced compliance where we fail, some of it is available  elsewhere (visited before, cookie credentials), we may not be explaining 
as well as we should in LXXX, and in the case of CII it is a N/A since we  don't support such functionality. I'd consider us mostly Advanced
compliant too.

  * 3. Supported algorithms AES 128/256, 3DES, RC4, MD5, SHA-1, SHA-256, 
SHA-512,   10.x supports SSL v3, TLS 1.0, TLS 1.1 and TLS 1.2, all currently  considered strong (when you discount the TLS renego issue)

  * 4. This version does not support by default any methods we currently  consider inherently weak. There is no support for SSL v2, 40-bit or 56 bit 
ciphers. There is a possibility to enable support for anonymous DH and the  Authentication only ciphers, but these always trigger a warning to the  user.

We *do* consider RSA, DH and DSA keys shorter than 1000 bits to be weak,  and below 900 bits we issue a warning.

In 10.x we have auto-updatable preferences that can trigger warnings for  MD5 and SHA-1  in certificates, or disable support completely. The same  exist for SSL v3.

  * 5. Extended Validation is the only currently supported AA cert scheme.  These are recognized based on certificate policy identifiers coded in the  certificate chain, and are only accepted if the Root certificate is  associated with the same OID (digitally signed information about this  association is downloaded regularly from an online repository).

  * 6. We provide warnings about weak certificate keys (the level can be  auto-updated), reduce security level if OCSP or CRLs fail (but not if they
are not specified).

Conforms Basic
(conforms to a MUST or MUST NOT)

Does Not Conform Basic

Conforms Advancedbr> (conforms to a SHOULD or SHOULD NOT)

Does Not Conform Advanced

Conforms Optional
(conforms to a MAY

Does Not Conform Optional

WSC Clause

Opera

I.

Conforms Basic

II.

Conforms Basic

III.

Does Not Conform Basic

VII.

Conforms Basic

VIII.

Conforms Basic

IX.

Conforms Basic

X.

Conforms Basic

XI.

Conforms Basic

XII.

Conforms Basic

XIV.

Conforms Basic

XVI.

Conforms Basic

XVII.

Conforms Basic

XVIII.

Conforms Basic

XIX.

Conforms Basic

XXI.

Conforms Basic

XXII.

Conforms Basic

XXV.

Conforms Basic

XXVII.

Conforms Basic

XXVIII.

Conforms Basic

XXIX.

Conforms Basic

XXX.

Does Not Conform Basic

XXXII.

Conforms Basic

XXXIII.

Conforms Basic

XXXIV.

Conforms Basic

XXXV.

Conforms Basic

XXXVI.

Conforms Basic

XXXVIII.

Conforms Basic

XXXIX.

Does Not Conform Basic

XL.

Conforms Basic

XLII.

Conforms Basic

XLIII.

Conforms Basic

XLIV.

Conforms Basic

XLV.

Conforms Basic

XLVI.

Conforms Basic

XLVII.

Conforms Basic

XLVIII.

Conforms Basic

LVIII.

Conforms Basic

LIX.

Conforms Basic

LXI.

Conforms Basic

LXII.

Conforms Basic

LXIII.

Conforms Basic

LXVI.

Conforms Basic

LXXI.

Conforms Basic

LXXV.

Conforms Basic

LXXVII.

Conforms Basic

LXXVIII.

Conforms Basic

LXXIX.

Conforms Basic

LXXXI.

Conforms Basic

LXXXII.

Conforms Basic

LXXXIII.

Conforms Basic

LXXXIV.

Conforms Basic

LXXXVI.

Conforms Basic

LXXXVIII.

Conforms Basic

XC.

Conforms Basic

XCI.

Conforms Basic

XCIII.

Conforms Basic

XCIV.

Conforms Basic

XCV.

Conforms Basic

XCVI.

Conforms Basic

XCVII.

Conforms Basic

XCVIII.

Conforms Basic

XCIX.

Conforms Basic

CIII.

Conforms Basic

CIV.

Conforms Basic

 

 

VI.

Conforms Advanced

XXIII.

Does Not Conform Advanced

XXVI.

Conforms Advanced

XXXI.

Conforms Advanced

XLIX.

Conforms Advanced

L.

Conforms Advanced

LI.

Does Not Conform Advanced

LII.

Does Not Conform Advanced

LIII.

Conforms Advanced

LIV.

Conforms Advanced

LX.

Conforms Advanced

LXIV.

Conforms Advanced

LXV.

Conforms Advanced

LXVII.

Conforms Advanced

LXX.

Conforms Advanced

LXXII.

Conforms Advanced

LXXIII.

Conforms Advanced

LXXIV.

Conforms Advanced

LXXVI.

Conforms Advanced

LXXX.

Does Not Conform Advanced

LXXXV.

Conforms Advanced

LXXXIX.

Conforms Advanced

XCII.

Conforms Advanced

C.

Conforms Advanced

CII.

Conforms Advanced

CV.

Conforms Advanced

CVI.

Conforms Advanced

 

 

IV.

Conforms Optional

V.

Conforms Optional

XIII.

Conforms Optional

XV.

Conforms Optional

XX.

Conforms Optional

XXIV.

Conforms Optional

XXXVII.

Conforms Optional

XLI.

Conforms Optional

LV.

Does Not Conform Optional

LVI.

Does Not Conform Optional

LVII.

Does Not Conform Optional

LXVIII.

Conforms Optional

LXIX.

Conforms Optional

LXXXVII.

Conforms Optional

CI.

Does Not Conform Optional