ACTION-18

Formalize the need to be able to understand/visualize the \"strength\" of SSL protection in place

State:
closed
Person:
Bill Doyle
Due on:
November 21, 2006
Created on:
November 14, 2006
Related emails:
  1. Agenda, Wednesay, 23 May, WSC Call (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-05-22)
  2. Re: Agenda, 09 Jan, WSC Call (from tlr@w3.org on 2007-01-09)
  3. Agenda, 09 Jan, WSC Call (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-01-05)
  4. Agenda, 09 Jan, WSC Call (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-01-05)
  5. Minutes: WSC WG face-to-face 2006-11-14/15 (from tlr@w3.org on 2006-11-21)
  6. Re: Action Item 18 - understand/visualize the strength of SSL (from tlr@w3.org on 2006-11-20)
  7. Action items (from tlr@w3.org on 2006-11-17)

Related notes:

The strength of SSL protection is based on a negotiated session between a server and a users browser. The SSL protocol provides mechanisms for the server and browser to identify cipher suites that they have in common and negotiate mutually acceptable ciphers. Configuration settings may allow the use of different cipher suites that could impact the actual strength of SSL. Many browsers use an on/off presentation to display SSL noting that SSL is either protecting the session or not. A binary representation of SSL (on/off) gives the user the impression that each site that uses SSL provides an equal level of protection.

1 Dec 2006, 00:00:00

Display change log.

Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org>, Staff Contact
Tracker (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 18.html,v 1.1 2010/10/11 09:34:22 dom Exp $