On Fri, 2010-09-24 at 16:01 -0700, =JeffH wrote: > > > Given all this, I suggest we change the last part of the last sentence of > > > the "Security Note" quoted above to something like.. > > > > > > ..., by forcing the user to view the entire certification path > > > and only then allowing the user to choose whether to accept the > > > certificate on a temporary or permanent basis. See [WSC-UI] for > > > further guidance. > > > > > > ..and leave it at that in -tls-server-id-check. We should also consider > > > making [WSC-UI] a normative reference now that it is at Recommendation > > > maturity level. > > > > OK. I suggest s/to choose whether //; the point is that the user > > accepts the certificate. > > I tend to think we ought to at least mention the notion that the cert can be > accepted either temporarily or permanently.
And that remains after my proposed edit. If you want to emphasize that it's the user's choice, try this: "...and only then allowing the user to accept the certificate on a temporary or permanent basis, at his/her option." The problem with the current text is that its negation could be that someone else does the choosing, when it should be that the certificate is not accepted. -- Matt _______________________________________________ certid mailing list [email protected] https://www.ietf.org/mailman/listinfo/certid
