ISSUE-95

bookmark API interactions

State:
CLOSED
Product:
wsc-xit
Raised by:
Thomas Roessler
Opened on:
2007-08-01
Description:
We need to have a look at the interfaces exposed to pages in order to enable
bookmarking of sites: If an attacker can cause (through bad user interaction or
otherwise) a site with a trusted name to be bookmarked, then that attacker has
effectively laid the groundwork for successful bookmark-based phishing.
Related Actions Items:
Related emails:
  1. Re: ACTION-334: Propose language on Bookmarks API (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-02-27)
  2. Re: ACTION-334: Propose language on Bookmarks API (from Anil.Saldhana@redhat.com on 2008-02-25)
  3. Re: ACTION-334: Propose language on Bookmarks API (from tlr@w3.org on 2008-01-26)
  4. Re: IE Favorites Feature May Allow Phishing (from Anil.Saldhana@redhat.com on 2008-01-25)
  5. Meeting record: WSC WG f2f 2007-11-06 (from tlr@w3.org on 2007-11-21)
  6. Draft minutes: WSC WG 2007-11-06 (from tlr@w3.org on 2007-11-17)
  7. Re: IE Favorites Feature May Allow Phishing (from tlr@w3.org on 2007-10-29)
  8. RE: ISSUE-95: bookmark API interactions (from tyler.close@hp.com on 2007-08-02)
  9. ISSUE-95: bookmark API interactions (from dean+cgi@w3.org on 2007-08-01)
  10. Re: ISSUE-95: bookmark API interactions (from tlr@w3.org on 2007-08-01)

Related notes:

2008-02-25 06:44:58: Corresponding action has been closed and the changes proposed by Mez (and tlr) have been incorporated into the rec. [Anil Saldhana]

Display change log.

Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org >, Staff Contact
Tracker, originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.181 2008/07/24 08:03:39 dom Exp $