Author
Mary Ellen Zurko
<mzurko@us.ibm.com>
Thomas Roessler <tlr@w3.org>
Date
This document is a preliminary
implementation report against the current editor’s draft at
/2006/
Basic and advanced conformance are defined as in the document's conformance
section.
Whether basic or
advanced conformance is claimed (see 3.3 Conformance levels)
Basic
What
Supported algorithms:
In 10.x we have auto-updatable preferences that can trigger
warnings for MD5 and SHA-1 in certificates, or disable support completely. The
same exist for SSL v3.
What user
interface element is the
padlock in the address bar
What user
interface element is the identity signal defined in this specification.
location bar with extra area on the right
What broadly
accepted practices are considered sufficient for a trust anchor to be deemed
augmented assurance qualified (see 5.1.2 Augmented Assurance Certificates), and
what data elements are deemed assured by those certificates.
Extended Validation is the only currently supported AA cert
scheme. These are recognized based on certificate policy identifiers coded in
the certificate chain, and are only accepted if the Root certificate is
associated with the same OID (digitally signed information about this
association is downloaded regularly from an online repository).
O= and C= are deemed assured by those certificates.
What features
beyond the claimed conformance level the user agent conforms with.
See table below.
Whether basic or
advanced conformance is claimed (see 3.3 Conformance levels)
Basic
What
On Linux, we enable only cipher suites with keys of at least 80
bits. On Windows, we share system wide SSL settings for supported cipher
suites, and explicitly disable SSLv2 and MD2 and MD4 on certificate signatures.
We don’t have anything we accept but consider “weak”.
What user
interface element is the
The padlock in the address bar
What user
interface element is the identity signal defined in this specification.
The location bar with the extra indicator information
What broadly
accepted practices are considered sufficient for a trust anchor to be deemed
augmented assurance qualified (see 5.1.2 Augmented Assurance Certificates), and
what data elements are deemed assured by those certificates.
WebTrust EV audit, in
accordance with CA/B Forum EV guidelines.
O= and C= are deemed assured by those certificates.
What features
beyond the claimed conformance level the user agent conforms with.
See table below.
Whether basic or
advanced conformance is claimed (see 3.3 Conformance levels)
Advanced
What
http://www.mozilla.org/projects/security/pki/nss/nss-3.11/nss-3.11-algorithms.html
contains a list of all supported algorithms. symmetric
keys smaller than 90 bits and RSA moduli < 768bits
are currently regarded as weak.
What user
interface element is the
The padlock in the lower right corner
What user
interface element is the identity signal defined in this specification.
The location bar and the area to the left
of it.
What broadly
accepted practices are considered sufficient for a trust anchor to be deemed
augmented assurance qualified (see 5.1.2 Augmented Assurance Certificates), and
what data elements are deemed assured by those certificates.
http://www.mozilla.org/projects/security/certs/policy/
O= and C= are deemed assured by those certificates.
What features
beyond the claimed conformance level the user agent conforms with.
See table below.
|
Opera |
Chrome |
Firefox |
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
NA |
NA |
NA |
|
Conforms
Optional |
Does Not
Conform Optional |
Does Not
Conform Optional |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Does Not
Conform Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
NA |
NA |
NA |
|
Conforms
Optional |
Does Not
Conform Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
NA |
NA |
NA |
|
NA |
NA |
NA |
|
NA |
NA |
NA |
|
NA |
NA |
NA |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Does Not
Conform Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Does Not
Conform Advanced |
Does Not
Conform Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
NA |
NA |
NA |
|
Does Not
Conform Optional |
Conforms
Optional |
Does Not
Conform Optional |
|
Does Not
Conform Optional |
Does Not
Conform Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Advanced |
Conforms Advanced |
Conforms Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
NA |
NA |
NA |
|
NA |
NA |
NA |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms
Optional |
Does Not
Conform Optional |
Does Not
Conform Optional |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
NA |
NA |
NA |
|
NA |
NA |
NA |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Does Not
Conform Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
NA |
NA |
NA |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Optional |
Conforms
Optional |
Conforms
Optional |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
NA |
NA |
NA |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms Basic |
Conforms Basic |
Conforms Basic |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |
|
Conforms
Advanced |
Conforms
Advanced |
Conforms
Advanced |