Re: FW: ISSUE-83: Scenario updates (for certain abilities andfunctional limitations) from Ian Fette on 2007-09-04 (public-wsc-wg@w3.org from September 2007)

From: Ian Fette <ifette@google.com>
Date: Tue, 4 Sep 2007 09:51:44 -0700
To: "Dan Schutzer" <dan.schutzer@fstc.org>
Cc: "Thomas Roessler" <tlr@w3.org>, public-wsc-wg@w3.org
Message-ID: <bbeaa26f0709040951p790bd0d2qf246ad3b082c967b@mail.gmail.com>
OK, here are my thoughts on the above use cases:

1. Minor nitpick, but should we be using real sites as examples in use cases
(especially when talking about blocking)? Or would it be better to use "
example.com", i.e. "This includes example.com. Jane turns on her PC and sets
her browser to example.com where she..."

2. Also on use case 1: I'm a bit unsure if this is in scope or not. If it's
something actually installed on the computer, then to me all bets are off.
Such "nanny" software does all sorts of weird things, has opportunities to
hook into the browser and do god knows what. The browser might be totally
unaware of the fact that it's being messed with, and in fact it might not
even get a 404 error (it might just get redirected to some error page being
hosted off of localhost served up by a mini-webserver being run by the
filter). In the corporate case, again you might have a proxy that's doing
filtering and again, you might not get a 404 but rather some page served up
by the proxy. Or stuff might just get dropped at the DNS level. Either way,
this is stuff operating at a level way deeper than the browser (possibly at
lower levels in the protocol stack), and it seems to me that browsers might
be at just as much of a loss as "Jane" when stuff starts mucking around with
the way things are going to work. (This includes filters sitting on the
network, as well as local executables actually hooking into the browser
itself - and note that in these "plugin" cases, the browser is likely
powerless to do anything, and one could construct an argument saying that
was good behavior because a user had actually installed a filtering plugin
and expressed a preference as to how things should work...)

Use case 2 I think is fine (perhaps difficult, but a good use case)

Use case 3 I've already given feedback on in a previous thread.

On 8/31/07, Dan Schutzer <dan.schutzer@fstc.org> wrote:
>
>
> Use case 1 is a draft replacement for the child protection use case
>
> Use case 2 is the disability use case written to fit the standard use case
> template
>
> Use case 3 is the last use case I submitted with a minor change
>
>
> Use Case 1
> Last night, unknown to Jane, Jane's company installed a filter on her PC
> that blocks sites her company feels are inappropriate for Jane to be
> accessing from work. This includes FaceBook. Jane turns on her PC and sets
> her browser to FaceBook where she maintains an on-line Profile. Jane gets
> back a page that says this site was not accessible. Jane is not sure what
> this means was there a technical difficulty with the site?
>
> Destination site
> routine interaction, known organization
>
> Navigation
> types in url
>
> Intended interaction
> access website
>
> Actual interaction
> Site not accessible notice
>
> Note
> ------------------------------------------------------------------
> Use Case 2
> Mary attempts to access a site that has been identified by the browser as
> a
> phishing site. Mary is visually impaired how will the browser warn Mary
> about the site? What if Mary had other disabilities; e.g. poor hearing,
> dexterity?
>
> Destination site
> no prior interaction, unknown organization
>
> Navigation
> clicks on a link
>
> Intended interaction
> access website
>
> Actual interaction
> Warning
>
> Note
>
> -------------------------------------------
>
>
> Use Case 3
> Frank regularly reads his email in the morning. This morning he receives
> an
> email that claims it is from his bank asking him to verify a recent
> transaction by clicking on the link embedded in the email. The link does
> not
> display the usual URL that he types to get to his bank's website, but it
> does have his bank's name in it. He clicks on the link and is directed to
> a
> phishing site. The phishing site has been shut down as a known fraudulent
> site, so when Frank clicks on the link he receives the generic Error 404:
> File Not Found page. Frank is not sure what has occurred.
>
> Destination site
> prior interaction, known organization
>
> Navigation
> clicks on a link
>
> Intended interaction
> access website
>
> Actual interaction
> Was a phishing site that has been shut down
>
> Note
> Frank is likely to fall for a similar phishing email. Is there some way to
> educate Frank this time by letting him know that he had been trying to
> access a phishing site, so that he is less likely to fail for the phishing
> email again?
>
>
> -----Original Message-----
> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
> On
> Behalf Of Thomas Roessler
> Sent: Thursday, August 30, 2007 6:01 AM
> To: Dan Schutzer
> Cc: public-wsc-wg@w3.org
> Subject: Re: FW: ISSUE-83: Scenario updates (for certain abilities
> andfunctional limitations)
>
>
> On 2007-08-30 05:31:09 -0400, Dan Schutzer wrote:
>
> > I think Use Case 2 is fine
>
> My point was that I disagree with this, since it suggests we are
> going to address generic child protection technologies -- which is
> clearly far out of our scope.  Can you suggest a use case that
> exposes the different capabilities, yet avoids the misunderstanding
> that we're dealing with child protection in general?
>
> --
> Thomas Roessler, W3C  <tlr@w3.org>
>
>
>
>
>
>
> > -----Original Message-----
> > From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
> On
> > Behalf Of Thomas Roessler
> > Sent: Wednesday, August 29, 2007 4:32 PM
> > To: Dan Schutzer
> > Cc: public-wsc-wg@w3.org
> > Subject: Re: FW: ISSUE-83: Scenario updates (for certain abilities
> > andfunctional limitations)
> >
> >
> > On 2007-08-20 06:20:15 -0400, Dan Schutzer wrote:
> >
> > > Another shot at two use cases. I will have another one to add by
> > > end of day
> >
> > Has anything happened to that from your side?
> >
> > Also, I had written:
> >
> > > Also, I still think we should stay away from child protection use
> > > cases, meaning I'd strike the second of these use cases.  If we are
> > > specifically after usability for children (where I think this
> > > started from), then I think that should be said explicitly.
> >
> > ... with regad to this use case:
> >
> > >> Use Case 2: Mary?s eight year old daughter has asked to use the
> > >> home PC to
> >
> > >> access the Internet. Mary gives her daughter access to her
> > >> computer. Mary trusts her daughter, but is concerned that she
> > >> might inadvertently be directed to sites with inappropriate
> > >> adult content and not be mature enough to handle it. How can
> > >> the browser warn Mary?s daughter when she tries to access a web
> > >> site with inappropriate content?
> >
> > Any comments on this?
> >
> > --
> > Thomas Roessler, W3C  <tlr@w3.org>
> >
> >
> >
> >
>
>
>
>
>
>
Received on Tuesday, 4 September 2007 16:52:27 UTC