| CARVIEW |
Select Language
HTTP/2 301
date: Wed, 08 Oct 2025 16:26:53 GMT
content-type: text/html; charset=ISO-8859-1
location: https://lists.w3.org/Archives/Public/public-wsc-wg/2007Oct/0060.html
cf-ray: 98b7009e68ddb22e-BLR
cache-control: max-age=21600
expires: Wed, 08 Oct 2025 22:26:53 GMT
x-backend: www-mirrors
x-request-id: 98b7009e68ddb22e
strict-transport-security: max-age=15552000; includeSubdomains; preload
content-security-policy: frame-ancestors 'self' https://cms.w3.org/ https://cms-dev.w3.org/; upgrade-insecure-requests
cf-cache-status: MISS
set-cookie: __cf_bm=.80.kHa3pQDd6cr2RQsEEqv4xV_2F7zj8CtdoDWxkIg-1759940813-1.0.1.1-UVV4ZOHks6XDvHbWhIV00a6epz0IxF7H246BNyx3Fkzuz9Oz7MiUDducOWoP3NujHSlqRgUYO.vyRPej_uz9xqoPvzzPYNDxAUi.I9xBTAE; path=/; expires=Wed, 08-Oct-25 16:56:53 GMT; domain=.w3.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
HTTP/2 200
date: Wed, 08 Oct 2025 16:26:53 GMT
content-type: text/html
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 18:19:59 GMT
cache-control: max-age=2592000, public
expires: Fri, 07 Nov 2025 16:26:53 GMT
vary: Accept-Encoding
access-control-allow-origin: *
x-request-id: 98b700a41fb01eef
strict-transport-security: max-age=15552015; preload
x-frame-options: deny
x-xss-protection: 1; mode=block
cf-cache-status: MISS
server: cloudflare
cf-ray: 98b700a41fb01eef-BLR
alt-svc: h3=":443"; ma=86400
ISSUE-121: Safe Form Bar certificate matching issues [Techniques] from Web Security Context Working Group Issue Tracker on 2007-10-11 (public-wsc-wg@w3.org from October 2007)
ISSUE-121: Safe Form Bar certificate matching issues [Techniques]
- From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Thu, 11 Oct 2007 09:51:56 +0000 (GMT)
- To: public-wsc-wg@w3.org
- Message-Id: <20071011095156.B69CFBEEE@nelson.w3.org>
ISSUE-121: Safe Form Bar certificate matching issues [Techniques] https://www.w3.org/2006/WSC/track/issues/ Raised by: Thomas Roessler On product: Techniques The safe form bar specification includes a specific matching algorithm for PKIX certificates. This algorithm should be reviewed in light of what the PKIX spec itself says. Known issues: - There is some material based on CN, but subjectAltName is ignored - Two certificates are considered identical if the same key material is encapsulated - The text uses the notion of "same certification authority", and defines that notion in terms of "both installed as trusted certificate chain roots identified by the same name in the user agent's presentation to the user", as opposed to using the certificate's isuser field. (Note contradiction to material elsewhere in the spec!) - Certificates are considered to identify the same entity based on comparing specific attributes of the subject field.
Received on Thursday, 11 October 2007 09:52:12 UTC