> SSCs MUST NOT be considered logotype certificates. > Is that ok? Do we ever want to use a logo from an SSC? They're referenced in Identity Signal and Additional Security Context Information. If an SSC has made it through the probation period, why not? > 5.3.1 Certificate errors > If an validated certificate is used in a TLS-protected interaction, Typo, an->a And I realize as I read that that Johnathan is right; there are several items that presume that the user agent has kept the certificate history (associating an AAC with a site, and noticing a change of SSC).
Received on Friday, 14 December 2007 20:32:27 UTC