- From: EdPimentl <edpimentl@gmail.com>
- Date: Mon, 4 Aug 2008 08:42:37 -0400
- To: public-bpwg-comments@w3.org
- Cc: fd@w3.org
- Message-ID: <9dc4a1670808040542l2f255480w7124e632524d6c02@mail.gmail.com>
Hello W3C members, I am the founder of Goowallet a Mobile Banking / Payment private label service provider After reading the Last Call comments we are very concern that many of these recommendations will seriously impact security, privacy and trust. We are therefore 100% oppose to allowing Disrupting HTTPS they way transcoder do today is probably illegal and certainly unethical. HTTPS is built to guarantee end2end security. Breaking end2end security is probably illegal. Men in the Middle/Interfering with HTTPS should not be permissible under any circumstances. Making(allowing) it possible for an Operator to now attempt to dismantle the security of the internet in favor of transcoding, will seriously and significantly and negatively impact the banking and financial industry. Data protection rules and regulations. If allow, this will also impact the national security of all law abiding nations. We also believe as stated by others in the mobile community that: The styleguide should spell out very clearly "The Transcoder is NOT allowed to change the User-Agent String". Original headers MUST not be changed (User-Agent string has a special place, but also the UAProf x-wap-profile is very very relevant). The use of MUST on the CTG when referring to the role of the server should not be allow, since irresponsible transcoding companies will use this to disrupt service and destroy the user experience set us back many years. We can accept RECOMMENDED, and only RECOMMENDED. Respectfully, Ed Pimentel GooWallet Founder http://Goowallet.ws (Mobile Banking/Payment) Mail: edpimentl [at] gmail (dot) com] Voip/IM: edpimentl [SKype | GoogleTalk ]
Received on Monday, 4 August 2008 13:28:26 UTC