ISSUE-48
platform and browser security out of scope - NOT (public comment)
- State:
- CLOSED
- Product:
- wsc-usecases
- Raised by:
- Bill Doyle
- Opened on:
- 2007-04-16
- Description:
- From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org
http://lists.w3.org/Archives/Public/public-usable-
authentication/2007Apr/0000.html
platform and browser security out of scope - NOT
where it says, in 5.6 and 5.7
(out of scope)
please consider
make a greater emphasis on the semantic model of the information; integrated
with information from these other sources and presented in platform-
appropriate ways.
Why?
There is a strong conflict between this scope restriction and the points
raised in 10.1.2, 10.1.6 etc. The user does not want to, and we don\'t want
them to need to, sub-divide the security information this finely. The user
also wants to extend trust to software in descending order of
trustworthiness. So the OS and browser, in the present order of things, have
priority in defining what terse messages merit user attention and how to
indicate these. Integration with the web browse realities means integrating
security information from the web application with security information from
the OS, [third party security monitor], browser, [browser plugin], and then
the page. If you can\'t make common cause with these other value-added players
in the security situation, you have blown your opportunity to connect with a
model the user can generally grok.
please consider
there is an analogy in terms of web pages respecting the system presentation
defaults when the user invokes High Contrast Mode. These are presentation
preferences that should be global across the desktop, and the presentation and
qualification of messages claiming to speak about security needs to respect
this pecking order, too.
- Related Actions Items:
- No related actions
- Related emails:
- Re: ISSUE-48: platform and browser security out of scope - NOT (public comment) (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-04-18)
- ISSUE-48: platform and browser security out of scope - NOT (public comment) (from dean+cgi@w3.org on 2007-04-16)
Related notes:
No additional notes.
Display change log
