RE: ISSUE-38: no safe haven in presentation space (from public comments)

I said I'd try to add more strength and clarity to the text of "directly 
addressing", as Bill and Tyler requested. Here's my next iteration  of the 
proposal: 



5.n Other Security Challenges

As stated in the [http://www.w3.org/2005/Security/wsc-charter charter], 
the mission of the Web Security Context Working 
Group is to specify a baseline set of security context information that 
should be accessible to Web users, and practices for the secure and usable 

presentation of this information, to enable users to come to a better 
understanding of the context that they are operating in when making trust 
decisions on the Web. While the work this group does may have a positive 
and beneficial effect on other security challenges on the web, directly 
addressing such challenges is out of scope. Examples listed are listed in 
[http://www.w3.org/2006/WSC/drafts/note/#out-of-scope Out of Scope], 
including
[http://www.w3.org/2006/WSC/drafts/note/#vaporware protocols and data 
formats] and [http://www.w3.org/2006/WSC/drafts/note/#XSS content 
production exploits]. These examples are not
exhaustive. 

Received on Friday, 15 June 2007 20:45:49 UTC