ISSUE-142
Page Security Score does not yet have enough content behind it
- State:
- CLOSED
- Product:
- wsc-xit-past-062008
- Raised by:
- Mary Ellen Zurko
- Opened on:
- 2007-12-14
- Description:
- 6.3
"The user agent MUST reduce the state of all security context information made available to a single value. "
I'm not convinced of the MUST. The thinking in this section has not taken into account the richness and diversity of identity information, vs. security quality/protection information. If there was a proposal for a way to delineate security quality/protection information, or remove identity identification data from this value, I might go with it. But I can't come up with that myself at this moment. So I propose instead that this be a SHOULD. This would also imply a SHOULD for the following:
"The user agent MUST make the security context information value available to the end user, in either primary or secondary chrome"
We still need a lo fi prototype of this. We can't keep this in the recommendation without at least an example we've all looked at and had "expert" review of. It's too vague to make it all the way to recommendation otherwise (remember the whole coding step thing). - Related Actions Items:
- No related actions
- Related emails:
- Re: ISSUE-142: Page Security Score does not yet have enough content behind it [wsc-xit] (from hahnt@us.ibm.com on 2008-01-02)
- ISSUE-142: Page Security Score does not yet have enough content behind it [wsc-xit] (from sysbot+tracker@w3.org on 2007-12-14)
Related notes:
No additional notes.
Display change log
