ACTION-1 |
closed |
Link tracker from Group page |
Thomas Roessler |
2006-11-21 |
|
ACTION-2 |
closed |
Organize call with APWG to discuss liaison mechanisms with WSCWG |
Thomas Roessler |
2007-01-24 |
|
ACTION-3 |
closed |
Contribute use cases for Note |
Stephen Farrell |
2006-11-21 |
|
ACTION-4 |
closed |
Formalize the scenario of user getting a request via e-mail and using that information to contact a web-site using HTTP protocol (e.g. using a browser) |
Phillip Hallam-Baker |
2006-11-21 |
|
ACTION-5 |
closed |
Formalize the use case of mis-typing a URL (and various variants - been there before, not been there before) |
Mary Ellen Zurko |
2006-12-08 |
|
ACTION-6 |
closed |
Formalize the statement regarding users not relying on information within URL strings for establishing context (or security context) |
Tyler Close |
2006-11-21 |
|
ACTION-7 |
closed |
Work out impact of redirection scenarios |
Hal Lockhart |
2006-11-21 |
|
ACTION-8 |
closed |
Formalize use case around user contacting one site, then getting re-directed to another (as part of a federation of organziations working together, legitimately), how does the user trust where they landed on? |
Hal Lockhart |
2006-11-21 |
|
ACTION-9 |
closed |
Formalize the use case of content providers using the same icons as are typically used in the \"chrome area\" and thus diluting the meaning of such visual aids |
Michael Smith |
2006-11-21 |
|
ACTION-10 |
closed |
Find mobile browser vendors to recruit to group |
Michael Smith |
2006-11-21 |
|
ACTION-11 |
closed |
Formalize a use case for using a browser on a shared device (e.g. kiosk device). Examples of kiosks intra-enterprise, hotel lobbies, Kinko\\\\\\\\\'s, libraries. |
Hal Lockhart |
2006-12-19 |
|
ACTION-12 |
closed |
List, by enumeration, what is meant by security context information |
Hal Lockhart |
2006-11-21 |
|
ACTION-13 |
closed |
Elaborate on multiple certificates & domains for session servers case |
Tyler Close |
2006-11-21 |
|
ACTION-14 |
closed |
Write up use case of session servers and having critical information invariant in order to be useful. |
Hal Lockhart |
2006-11-21 |
|
ACTION-15 |
closed |
Produce use case story for kiosk case that is in scope (action can be discharged by declaring defeat) |
Mary Ellen Zurko |
2006-12-08 |
|
ACTION-16 |
closed |
Formalize the use case of flowing security information as a part of the document mark up (as in XML marked up content information). |
Yakov Sverdlov |
2006-12-01 |
|
ACTION-17 |
closed |
Give a demonstration of \"pet name\" annotation of bookmarks plug-in |
Tyler Close |
2007-01-31 |
|
ACTION-18 |
closed |
Formalize the need to be able to understand/visualize the \"strength\" of SSL protection in place |
Bill Doyle |
2006-11-21 |
|
ACTION-19 |
closed |
Formalize a user-facing use case for WS-Security (e.g. use of WS-SecureConversation) |
Tim Hahn |
2006-12-01 |
|
ACTION-20 |
closed |
Put together set of background references |
Mary Ellen Zurko |
2006-12-01 |
|
ACTION-21 |
closed |
Help MEZ with ACTION-20 |
Maritza Johnson |
2006-12-01 |
|
ACTION-22 |
closed |
Produce voice browser use case |
Brandon Porter |
2006-11-22 |
|
ACTION-23 |
closed |
Find out more about Opera\\\\\'s numeric trust indicator |
Michael Smith |
2006-11-22 |
|
ACTION-24 |
closed |
Set up Wiki for group use |
Thomas Roessler |
2006-11-22 |
|
ACTION-25 |
closed |
Set up CVS access for Tyler |
Thomas Roessler |
2006-11-22 |
|
ACTION-26 |
closed |
Dig out papers about authenticating browser password entry dialogues to users |
Mary Ellen Zurko |
2006-12-08 |
|
ACTION-27 |
closed |
review requirements from workshop record |
Hal Lockhart |
2007-01-26 |
|
ACTION-28 |
closed |
Clean up minutes |
Thomas Roessler |
2006-11-22 |
|
ACTION-29 |
closed |
Rob Franco to formalize the use case of an attacker messing with the information in the address bar and confusing the user. |
Thomas Roessler |
2006-12-12 |
|
ACTION-30 |
closed |
Find collection of known anti-phishing extensions for Firefox |
Tyler Close |
2006-11-21 |
|
ACTION-31 |
closed |
Skeletal draft of Note |
Tyler Close |
2006-11-20 |
|
ACTION-32 |
closed |
Come up with a use case for FTP\\\\\'s usage |
Stephen Farrell |
2006-11-28 |
|
ACTION-33 |
closed |
Draft goals / non-goals section |
Phillip Hallam-Baker |
2006-12-07 |
|
ACTION-34 |
closed |
Draft scope/out-of-scope |
Mary Ellen Zurko |
2006-11-28 |
|
ACTION-35 |
closed |
Open issue for xpath/xquery in/out-of scope |
Thomas Roessler |
2006-11-28 |
|
ACTION-36 |
closed |
Add note\\\\\'s structure to wiki |
Tyler Close |
2006-12-12 |
|
ACTION-37 |
closed |
Review widget spec |
Thomas Roessler |
2006-12-12 |
|
ACTION-38 |
closed |
Include trusted computing base with scope and/or goals/non-goals |
Mary Ellen Zurko |
2006-12-12 |
|
ACTION-39 |
closed |
Training users to rely on specific non-ubiquitous security context |
Maritza Johnson |
2006-12-12 |
|
ACTION-40 |
closed |
Send proposed language on phones to mailing lists |
Phillip Hallam-Baker |
2006-12-19 |
|
ACTION-41 |
closed |
Propose draft language |
Mike Beltzner |
2006-12-19 |
|
ACTION-42 |
closed |
Propose draft language to capture \"how to begin secure communication\" |
Mike Beltzner |
2006-12-19 |
|
ACTION-43 |
closed |
Review this use case |
Tyler Close |
2006-12-19 |
|
ACTION-44 |
closed |
Review DesktopDecoration |
Tyler Close |
2006-12-19 |
|
ACTION-45 |
closed |
Work with beltzner on ACTION-42 to possibly broaden it |
Thomas Roessler |
2006-12-19 |
|
ACTION-46 |
closed |
Add in-scope for appropriateness of communication of security context information |
Thomas Roessler |
2006-12-19 |
|
ACTION-47 |
closed |
Yank \"not dangerous\" from out-of-scope |
Mary Ellen Zurko |
2006-12-19 |
|
ACTION-48 |
closed |
Propose revised \"non-web protocols\" text for NoteOutOfScope |
Stephen Farrell |
2006-12-19 |
|
ACTION-49 |
closed |
Amend in-scope to reflect consistency of user experiences, warning levels, etc |
Mike Beltzner |
2006-12-19 |
|
ACTION-50 |
closed |
Add mobile device text to scope text in wiki |
Stephen Farrell |
2006-12-20 |
|
ACTION-51 |
closed |
Draft \"out-of-scope\" text for proxies etc that do not involve human interaction |
Stephen Farrell |
2006-12-26 |
|
ACTION-52 |
closed |
Propose text on how corroboration with independent sites should be scoped |
Tim Hahn |
2006-12-26 |
|
ACTION-53 |
closed |
Edit out content blocking part |
Hal Lockhart |
2006-12-26 |
|
ACTION-54 |
closed |
Write concrete \"content blocking out of scope\" section, or to declare defeat |
Anthony Nadalin |
2006-12-26 |
|
ACTION-55 |
closed |
Merge the TCB-related points |
Tyler Close |
2006-12-26 |
|
ACTION-56 |
closed |
Drive discussion on presentation of content-based filtering on list, draft text |
Hal Lockhart |
2006-12-26 |
|
ACTION-57 |
closed |
Maintain volunteer list in NoteIndex in the wiki. |
Mary Ellen Zurko |
2006-12-26 |
|
ACTION-58 |
closed |
Draft the \"Security Context Available\" section of our Note in the wiki |
Bill Doyle |
2007-01-02 |
|
ACTION-59 |
closed |
Draft section 9 |
Tim Hahn |
2007-01-02 |
|
ACTION-60 |
closed |
Draft Section 8 |
Michael Smith |
2007-01-02 |
|
ACTION-61 |
closed |
Propose re-wording of \"Best Practices Recommendation for Site-to-User Communication\" text in NoteGoals, post to list |
Mary Ellen Zurko |
2007-01-09 |
|
ACTION-62 |
closed |
Re-draft \"Recommendation for Consistent Presentation of Security Information\" to reflect discussion about http://www.w3.org/mid/D0C847B2BD75414090045D8C7EA3D59402E1469E@repbex01.amer.bea.com |
Hal Lockhart |
2007-01-09 |
|
ACTION-63 |
closed |
Merge the Goals and Non-Goals related Wiki items into English text. |
Phillip Hallam-Baker |
2007-01-23 |
|
ACTION-64 |
closed |
Make sure role of user education is addressed in assumptions section of note |
Mary Ellen Zurko |
2007-01-09 |
|
ACTION-65 |
closed |
Add \"phone\" option to registration form, and fix some responses |
Thomas Roessler |
2007-01-09 |
|
ACTION-66 |
closed |
Rework shared system use-case |
Hal Lockhart |
2007-01-16 |
|
ACTION-67 |
closed |
Refine MultipleCertificateIdentity use case |
Tyler Close |
2007-01-16 |
|
ACTION-68 |
closed |
Formalize furnace self-signed use case |
Tyler Close |
2007-01-16 |
|
ACTION-69 |
closed |
Draft differential use cases for security expectation vs. none |
Phillip Hallam-Baker |
2007-01-29 |
|
ACTION-70 |
closed |
Propose generalization of email lure |
Stuart Schechter |
2007-01-16 |
|
ACTION-71 |
closed |
Propose history related use-case |
Stephen Farrell |
2007-01-16 |
|
ACTION-72 |
closed |
Track RobFranco proposing use cases to deal with scriptable areas |
Thomas Roessler |
2007-02-28 |
|
ACTION-73 |
closed |
Draft MITM use case |
Thomas Roessler |
2007-01-16 |
|
ACTION-74 |
closed |
Draft CA acceptance use case |
Thomas Roessler |
2007-01-16 |
|
ACTION-75 |
closed |
Draft revisit security decisions use case |
Thomas Roessler |
2007-01-16 |
|
ACTION-76 |
closed |
Draft follow-a-link / status bar use case |
Thomas Roessler |
2007-01-16 |
|
ACTION-77 |
closed |
Design Debugging use case |
Mary Ellen Zurko |
2007-01-16 |
|
ACTION-78 |
closed |
Refine UserNotions |
Michael McCormick |
2007-01-16 |
|
ACTION-79 |
closed |
Redraft out-of-scope item for phone |
Brandon Porter |
2007-01-23 |
|
ACTION-80 |
closed |
Redraft phonelure use case |
Phillip Hallam-Baker |
2007-01-23 |
|
ACTION-81 |
closed |
Follow up on the FollowingALink use case |
Thomas Roessler |
2007-01-23 |
|
ACTION-82 |
closed |
Document widget behavior upon encountering a link in wiki |
Thomas Roessler |
2007-01-29 |
|
ACTION-83 |
closed |
Dig out TLS RFC\\\\\'s normative language on mismatch between cert and domain name |
Hal Lockhart |
2007-01-30 |
|
ACTION-84 |
closed |
Produce material on name-based virtual hosting and TLS |
Phillip Hallam-Baker |
2007-01-30 |
|
ACTION-85 |
closed |
Summarize issues around deployment of certificates in wildcard / virtual hosting situations |
Chuck Wade |
2007-01-30 |
|
ACTION-86 |
closed |
Document what certificate validation errors Konqueror displays |
George Staikos |
2007-01-30 |
|
ACTION-87 |
closed |
Document what certificate validation errors Opera displays |
Yngve Pettersen |
2007-01-30 |
|
ACTION-88 |
closed |
Document what certificate validation errors Firefox displays |
Mike Beltzner |
2007-01-30 |
|
ACTION-89 |
closed |
Ask Rob to do the same for IE7 |
Thomas Roessler |
2007-01-30 |
|
ACTION-90 |
closed |
Ask Rob Franco to document what certification verification errors IE7 displays |
Thomas Roessler |
2007-02-28 |
|
ACTION-91 |
closed |
Start discussion about RevistingPastDecision on list |
Thomas Roessler |
2007-01-30 |
|
ACTION-92 |
closed |
Send more detailed geography info about meeting to member-visible list |
Hal Lockhart |
2007-01-30 |
|
ACTION-93 |
closed |
Explain issue raising process on public mailing list |
Thomas Roessler |
2007-02-06 |
|
ACTION-94 |
closed |
Draft subsections for 8 about \"compelling user interface\", crypto |
Phillip Hallam-Baker |
2007-02-06 |
|
ACTION-95 |
closed |
Review use cases, suggest reorganization, ... |
Stuart Schechter |
2007-03-10 |
|
ACTION-96 |
closed |
Draft initial outline of glossary |
Tim Hahn |
2007-02-21 |
|
ACTION-97 |
closed |
Seed and drive process to document current-generation undocumented safeguards in wiki |
Mike Beltzner |
2007-02-17 |
|
ACTION-98 |
closed |
Add references for 8.1.2 |
Rachna Dhamija |
2007-02-06 |
|
ACTION-99 |
closed |
draft text for section 8, covering \"block pages\" |
Rachna Dhamija |
2007-02-06 |
|
ACTION-100 |
closed |
Propose alternative wording for 8.2.3 |
Thomas Roessler |
2007-02-06 |
|
ACTION-101 |
closed |
Suggest favorite favicon reference |
Mary Ellen Zurko |
2007-02-06 |
|
ACTION-102 |
closed |
Switch order of 8.2.3 and 8.2.4 |
Tyler Close |
2007-02-06 |
|
ACTION-103 |
closed |
Propose descriptive text on firefox anti-phishing UI (for 8.2) |
Mike Beltzner |
2007-02-17 |
|
ACTION-104 |
closed |
Extend 8.2.1 by tab title |
Tyler Close |
2007-02-06 |
|
ACTION-105 |
closed |
Propose text on notifiaction / information bar |
Mike Beltzner |
2007-02-17 |
|
ACTION-106 |
closed |
Propose clarifying language for 8.2.5 |
Mike Beltzner |
2007-02-17 |
|
ACTION-107 |
closed |
Create a library of testcases / examples of attacks listed in section 8 |
Mike Beltzner |
2007-02-22 |
|
ACTION-108 |
closed |
contribute more studies for 8.3 |
Rachna Dhamija |
2007-02-06 |
|
ACTION-109 |
closed |
to propose more elaborate text for 8.3.1 (\"padlock icon\") |
Brandon Porter |
2007-02-06 |
|
ACTION-110 |
closed |
Create new subsection under 8.2 to classify types of attacks |
Tyler Close |
2007-02-06 |
|
ACTION-111 |
closed |
Track rob tracking URL scrolling issues |
Tyler Close |
2007-02-06 |
|
ACTION-112 |
closed |
Rewrite 8.3.2 |
Thomas Roessler |
2007-02-06 |
|
ACTION-113 |
closed |
Suggest \"page\" definition for Tim\\\\\\\\\'s glossary |
Stuart Schechter |
2007-03-12 |
|
ACTION-114 |
closed |
suggesting alternative wording for 8.4.1 |
Rachna Dhamija |
2007-02-06 |
|
ACTION-115 |
closed |
Contribute reference on cost/benefit questions in usability |
Mary Ellen Zurko |
2007-02-07 |
|
ACTION-116 |
closed |
Check whether security usability of form submission is covered in Note |
Phillip Hallam-Baker |
2007-02-07 |
|
ACTION-117 |
closed |
Contribute material re confirmation bias to note |
Mike Beltzner |
2007-02-17 |
|
ACTION-118 |
closed |
Reword the first two DesignPrinciples points for possible inclusion in the note |
Maritza Johnson |
2007-02-16 |
|
ACTION-119 |
closed |
Move consistency bullet point into section 9 |
Tyler Close |
2007-02-07 |
|
ACTION-120 |
closed |
Contribute further text on \"explanations\" bullet point; provide [Patrick] reference |
Maritza Johnson |
2007-02-16 |
|
ACTION-121 |
closed |
Propose rewrite of 9.3 |
Mary Ellen Zurko |
2007-02-07 |
|
ACTION-122 |
closed |
Inquire Stephen Farrell about holding next meeting on 30-31 in Dublin |
Thomas Roessler |
2007-02-07 |
|
ACTION-123 |
closed |
Send hosting requirements to Tyler |
Thomas Roessler |
2007-02-07 |
|
ACTION-124 |
closed |
Initiate work on threat tree |
Stuart Schechter |
2007-03-13 |
|
ACTION-125 |
closed |
Map list from blackboard to existing use cases, possibly add more |
Thomas Roessler |
2007-02-08 |
|
ACTION-126 |
closed |
Document current practice in terms of security UI robustness |
George Staikos |
2007-02-28 |
|
ACTION-127 |
closed |
Document current practice in terms of security UI robustness |
Yngve Pettersen |
2007-02-08 |
|
ACTION-128 |
closed |
Document current practice in terms of security UI robustness |
Mike Beltzner |
2007-02-17 |
|
ACTION-129 |
closed |
Prod Rob to document current practice in terms of security UI robustness |
Thomas Roessler |
2007-02-28 |
|
ACTION-130 |
closed |
Set up poll to confirm date. |
Thomas Roessler |
2007-02-08 |
|
ACTION-131 |
closed |
Start rescheduling exercise for telephone calls |
Thomas Roessler |
2007-02-19 |
|
ACTION-132 |
closed |
Start discussion on mailing list to draw chrome items out and get analysis completed |
Mary Ellen Zurko |
2007-02-13 |
|
ACTION-133 |
closed |
Offer text suggestion around \"many users\" |
Brandon Porter |
2007-02-13 |
|
ACTION-134 |
closed |
Link scribing quick-ref from WG admin page |
Thomas Roessler |
2007-02-13 |
|
ACTION-135 |
closed |
Reword 2.2 a bit more verbosely; add negative (\"not stuff that\\\\\'s easily ignored\") |
Tyler Close |
2007-02-13 |
|
ACTION-136 |
closed |
S/prevent/mitigate and prevent/ in 2.3 |
Tyler Close |
2007-02-13 |
|
ACTION-137 |
closed |
S/deceptive imitation/deceptive imitation or hiding/ in 2.3 |
Tyler Close |
2007-02-13 |
|
ACTION-138 |
closed |
Re-phrase Thomas\\\\\'s proposed overview text. |
Mary Ellen Zurko |
2007-02-13 |
|
ACTION-139 |
closed |
Reorder section 2: 2.7, 2.4, then rest |
Tyler Close |
2007-02-13 |
|
ACTION-140 |
closed |
Propose non-goals material re other app contexts |
Hal Lockhart |
2007-02-20 |
|
ACTION-141 |
closed |
Replace \"orthogonal\" by clearer language in the use case rework |
Thomas Roessler |
2007-02-20 |
|
ACTION-142 |
closed |
Change use case 19 to make clear that network-levle confdentiality threats are covered |
Thomas Roessler |
2007-02-20 |
|
ACTION-143 |
closed |
Propose text to resolve ISSUE-10 |
Thomas Roessler |
2007-02-20 |
|
ACTION-144 |
closed |
Drop public sample code promise from 10.3 and send text to list & tyler |
Mary Ellen Zurko |
2007-02-20 |
|
ACTION-145 |
closed |
Expand abstract of note by moving in material from overview |
Thomas Roessler |
2007-02-27 |
|
ACTION-146 |
closed |
Start conversation on conformance for non-browser user agents and forward-looking web use |
Chuck Wade |
2007-02-27 |
|
ACTION-147 |
closed |
Send reminder concerning out-of-order US DST change |
Mary Ellen Zurko |
2007-03-13 |
|
ACTION-148 |
closed |
Start discussion on technology-layer security context |
Johnathan Nightingale |
2007-03-13 |
|
ACTION-149 |
closed |
Make FSTC\\\\\'s list of techniques available to group |
Chuck Wade |
2007-03-13 |
|
ACTION-150 |
closed |
Propose text do drill down on possible classes of conforming implementations -- more concrete than note, more abstract than products |
Chuck Wade |
2007-04-15 |
|
ACTION-151 |
closed |
update text for security context as part of note review |
Bill Doyle |
2007-03-16 |
|
ACTION-152 |
closed |
Put Tim Hahn\\\\\'s outline into Wiki, fill in some, |
Stuart Schechter |
2007-03-20 |
|
ACTION-153 |
closed |
Tell tyler about how to do diffs for specprod documents |
Thomas Roessler |
2007-03-20 |
|
ACTION-154 |
closed |
Track HTTP Auth related extensions |
Bill Doyle |
2007-03-20 |
|
ACTION-155 |
closed |
Track P3P header related indicators |
Praveen Alavilli |
2007-03-28 |
|
ACTION-156 |
closed |
Circulate his list of privacy and security indicators |
Chuck Wade |
2007-03-20 |
|
ACTION-157 |
closed |
Update 7.2 to encompass page source |
Tyler Close |
2007-03-28 |
|
ACTION-158 |
closed |
Add documentation of known systemic flaws to \"Document the status quo\" goal |
Thomas Roessler |
2007-03-20 |
|
ACTION-159 |
closed |
Put documentation about action item editing interface on group page |
Thomas Roessler |
2007-04-25 |
|
ACTION-160 |
closed |
Put out-of-scope text on cross-site-scripting into Note |
Tyler Close |
2007-03-27 |
|
ACTION-161 |
closed |
Send note to chuck on prior art re ACTION-150 |
Thomas Roessler |
2007-03-27 |
|
ACTION-162 |
closed |
Draft \"sensitive piece of information\" proposal |
Tyler Close |
2007-03-28 |
|
ACTION-163 |
closed |
to draft \"where am I\" outline |
Rachna Dhamija |
2007-04-30 |
|
ACTION-164 |
closed |
elaborate cross-site-scripting branch of threat tree with view toward user understandable context information |
Johnathan Nightingale |
2007-03-28 |
|
ACTION-165 |
closed |
Copy definition of web user agent to glossary |
Mary Ellen Zurko |
2007-03-27 |
|
ACTION-166 |
closed |
Set up shawn and rachna as additional editors |
Thomas Roessler |
2007-04-04 |
|
ACTION-167 |
closed |
to send mail to outline quick review process for further April calls; call for agenda input for next call |
Mary Ellen Zurko |
2007-04-04 |
|
ACTION-168 |
closed |
really cancel May 9 call |
Mary Ellen Zurko |
2007-05-02 |
|
ACTION-169 |
closed |
Put roadmap into wiki |
Mary Ellen Zurko |
2007-04-04 |
|
ACTION-170 |
closed |
Put 4th f2f on Dublin agenda: September or November? |
Mary Ellen Zurko |
2007-05-04 |
|
ACTION-171 |
closed |
And stuart to try to figure out how to move forward with this |
Thomas Roessler |
2007-04-04 |
|
ACTION-172 |
closed |
Map threat trees to use case dimensions |
Stuart Schechter |
2007-04-04 |
|
ACTION-173 |
closed |
Turn use case dimensions into note material |
Thomas Roessler |
2007-06-08 |
|
ACTION-174 |
closed |
Send mail to outline quick review process for further April calls; call for agenda input for next call |
Mary Ellen Zurko |
2007-04-04 |
|
ACTION-175 |
closed |
Summarize robustness practices in terms of limitations on sites\\\\\\\\\\\\\\\\\' freedom |
Johnathan Nightingale |
2007-04-25 |
|
ACTION-176 |
closed |
Ping george staikos by e-mail and negotiate corresponding action |
Thomas Roessler |
2007-04-11 |
|
ACTION-177 |
closed |
aggregate material on TLS user interaces across browsers, based on input from vendors |
Mike Beltzner |
2007-04-25 |
|
ACTION-178 |
closed |
pull together mixed content / \"what is a secure page\" material from earlier list discussions |
Yngve Pettersen |
2007-04-25 |
|
ACTION-179 |
closed |
put check of recommendation material against InScopbyCategory wiki item on f2f agenda; find volunteer to lead that discussion |
Mary Ellen Zurko |
2007-05-15 |
|
ACTION-180 |
closed |
Make pass through SharedBookmarks and other material; map testing results to status quo |
Maritza Johnson |
2007-05-08 |
|
ACTION-181 |
closed |
summarize EV cert discussion and deliver proto recommendations in Wiki |
Phillip Hallam-Baker |
2007-04-18 |
|
ACTION-182 |
closed |
Summarize TLS discussion and extract proto recs into wiki |
Michael McCormick |
2007-04-25 |
|
ACTION-183 |
closed |
go over TrustMe notes, update in wiki |
Tyler Close |
2007-04-26 |
|
ACTION-184 |
closed |
summarize robustness practices in terms of limitations on sites\' freedom |
Jan Vidar Krey |
2007-05-02 |
|
ACTION-185 |
closed |
Integrate diffmk into editing environment |
Thomas Roessler |
2007-04-25 |
|
ACTION-186 |
closed |
review Process related section of note |
Thomas Roessler |
2007-04-25 |
|
ACTION-187 |
closed |
revisit her availability as editor |
Rachna Dhamija |
2007-05-30 |
|
ACTION-188 |
closed |
summarize robustness practices in terms of limitations on sites\\\\\\\\\' freedom |
George Staikos |
2007-04-14 |
|
ACTION-189 |
closed |
Share pointer to CABforum profiling of PKIX |
Phillip Hallam-Baker |
2007-04-18 |
|
ACTION-190 |
closed |
Attempt summary of discussion and proto recs re EV and virtual hosting in wiki |
Phillip Hallam-Baker |
2007-04-18 |
|
ACTION-191 |
closed |
Update PII Editor Bar proposal in wiki |
Tyler Close |
2007-04-26 |
|
ACTION-192 |
closed |
Draft \"let\\\\\\\\\'s drop the URL bar\" proposal |
Tyler Close |
2007-04-26 |
|
ACTION-193 |
closed |
Provide high-risk display-only use cases |
Michael McCormick |
2007-04-18 |
|
ACTION-194 |
closed |
refine UrlRecommendation |
Mary Ellen Zurko |
2007-04-20 |
|
ACTION-195 |
closed |
capture discussion on SharedPublicKnowledge in wiki and refine proposal |
Mary Ellen Zurko |
2007-04-25 |
|
ACTION-196 |
closed |
turn ramblings about deployment and server side into coherent written material |
Chuck Wade |
2007-04-25 |
|
ACTION-197 |
closed |
incorporate discussion about Contextual Password Warnings into Wiki |
Thomas Roessler |
2007-04-25 |
|
ACTION-198 |
closed |
Update Revisiting Past Decisions |
Thomas Roessler |
2007-04-25 |
|
ACTION-199 |
closed |
extract possible recommendations from section 3 of BMA results for further discussion |
Chuck Wade |
2007-05-02 |
|
ACTION-200 |
closed |
Organize review of Safe Browsing Mode proposal at next call |
Bob Pinheiro |
2007-04-25 |
|
ACTION-201 |
closed |
Extract refined proto-recs from record of discussion about ErrorHandling and Yngve\\\\\\\\\'s blog item on same topic |
Mary Ellen Zurko |
2007-05-02 |
|
ACTION-202 |
closed |
Start list thread re cookies |
Chuck Wade |
2007-04-25 |
|
ACTION-203 |
closed |
put another pass through ContextPresentation on one of the next two agendae |
Mary Ellen Zurko |
2007-05-02 |
|
ACTION-204 |
closed |
Update \"safe browsing mode proposal\" to incorporate comments |
Daniel Schutzer |
2007-05-02 |
|
ACTION-205 |
closed |
Revise PageInfoSummary by 9 May 2007 |
Johnathan Nightingale |
2007-05-02 |
|
ACTION-206 |
closed |
Flesh out logotype recommendation |
Phillip Hallam-Baker |
2007-05-02 |
|
ACTION-207 |
closed |
Update due dates |
Thomas Roessler |
2007-05-03 |
|
ACTION-208 |
closed |
update favicons in wiki |
Michael McCormick |
2007-05-23 |
|
ACTION-209 |
closed |
update wiki with recommendation on mixed content |
Yngve Pettersen |
2007-05-16 |
|
ACTION-210 |
closed |
encapsulate SSL certificate error anti-patterns to wiki |
Michael McCormick |
2007-05-23 |
|
ACTION-211 |
closed |
add robustness info to wiki that may turn into recommendation |
George Staikos |
2007-06-30 |
|
ACTION-212 |
closed |
create straw-man template for recommendations |
Tyler Close |
2007-05-11 |
|
ACTION-213 |
closed |
write a lightning proposal in the wiki based on her work |
Rachna Dhamija |
2007-05-11 |
|
ACTION-214 |
closed |
solicit commentary on Threat Trees from MITRE INFOSEC community |
Bill Doyle |
2007-12-30 |
|
ACTION-215 |
closed |
to revisit threat trees, match to her list of attacks, make explicit, turn into note material |
Rachna Dhamija |
2007-05-30 |
|
ACTION-216 |
closed |
Update template accordingly |
Tyler Close |
2007-05-23 |
|
ACTION-217 |
closed |
Enter Secure Letterhead proposal into Wiki; link from \"to be discussed\" |
Phillip Hallam-Baker |
2007-05-23 |
|
ACTION-218 |
closed |
Start e-mail thread on conformance sections |
Thomas Roessler |
2007-05-23 |
|
ACTION-219 |
closed |
to update IdentitySignal to cover discussion on call, and match RecTemplate |
Johnathan Nightingale |
2007-06-22 |
|
ACTION-220 |
closed |
introduce Secure Letterhead item in the wiki |
Phillip Hallam-Baker |
2007-05-30 |
|
ACTION-221 |
closed |
Match RobustSecurityIndicators against other proposals; ensure nothing gets lost |
Mary Ellen Zurko |
2007-08-17 |
|
ACTION-222 |
closed |
Work with Tyler to ensure publication of updated draft |
Thomas Roessler |
2007-05-30 |
|
ACTION-223 |
closed |
Propose prioritization of rec template elements |
Thomas Roessler |
2007-05-30 |
|
ACTION-224 |
closed |
Propose cut-off date for fitting rec proposals into template |
Mary Ellen Zurko |
2007-05-30 |
|
ACTION-225 |
closed |
\"Are users necessary?\"-- Build taxonomy of trust situations where user intervention is required |
Serge Egelman |
2007-06-24 |
|
ACTION-226 |
closed |
Improve description of SSL/TLS history (sec.8.1) |
Tyler Close |
2007-06-18 |
|
ACTION-227 |
closed |
Update template with material from discussion; notify e-mail list |
Thomas Roessler |
2007-06-06 |
|
ACTION-228 |
closed |
Share slides about usability testing from dublin f2f |
Rachna Dhamija |
2007-06-07 |
|
ACTION-229 |
closed |
Share his slides on robustness testing from the dublin f2f |
Bill Doyle |
2007-12-06 |
|
ACTION-230 |
closed |
Define robustness for WSC glossary |
Bill Doyle |
2007-07-11 |
|
ACTION-231 |
closed |
Start a discussion about including descriptions of the information divulged to websites by user-agents |
Bill Doyle |
2007-12-06 |
|
ACTION-232 |
closed |
Share results from his study once he has them |
Serge Egelman |
2007-06-30 |
|
ACTION-233 |
closed |
Make sure Jagatic et al on social phishing is in SharedBookmarks |
Rachna Dhamija |
2007-06-12 |
|
ACTION-234 |
closed |
Add www2006 jakobsson, Florencio & Hursley MSR paper to our shared bookmarks list |
Rachna Dhamija |
2007-06-12 |
|
ACTION-235 |
closed |
Update / create a user testing timeline with things like IRB turnaround, setup, etc. |
Rachna Dhamija |
2007-07-11 |
|
ACTION-236 |
closed |
Track donations of time and resources for usability testing |
Rachna Dhamija |
2007-07-11 |
|
ACTION-237 |
closed |
Drive process of tying recommendations to references in SharedBookmarks |
Maritza Johnson |
2007-06-22 |
|
ACTION-238 |
closed |
Create and document user testing plan (with links to timeline, donations, prototypers, etc) |
Rachna Dhamija |
2007-07-11 |
|
ACTION-239 |
closed |
Document security robustness practises on mobile and embedded devices (such as phones, etc.) |
Jan Vidar Krey |
2007-07-18 |
|
ACTION-240 |
closed |
pick up on ACTION-177, complement with review of TLS spec and exceptions given there; goal is to limit user interaction when not needed |
Stephen Farrell |
2007-06-26 |
|
ACTION-241 |
closed |
Look at better issue tracking for rec-track documents |
Thomas Roessler |
2007-08-21 |
|
ACTION-242 |
closed |
add file extension remark to security context information list |
Stephen Farrell |
2007-06-01 |
|
ACTION-243 |
closed |
Propose link from note to threat trees |
Mary Ellen Zurko |
2007-06-27 |
|
ACTION-244 |
closed |
Arrange for future thread tree discussion |
Mary Ellen Zurko |
2007-06-07 |
|
ACTION-245 |
closed |
Draft conformance section |
Thomas Roessler |
2007-06-07 |
|
ACTION-246 |
closed |
Draft introduction text |
Tim Hahn |
2007-06-07 |
|
ACTION-247 |
closed |
Mark in wiki what proposals have been transferred into the note |
Shawn Duffy |
2007-06-07 |
|
ACTION-248 |
closed |
Ensure that the robustness stuff (MozillaCurrentPractises) ends up in the recommendations |
Johnathan Nightingale |
2007-09-12 |
|
ACTION-249 |
closed |
Propose revision of 2.3 in line with updated template, current discussion |
Thomas Roessler |
2007-06-14 |
|
ACTION-250 |
closed |
Propose breaking out section 2.4 into its own recommendation |
Stephen Farrell |
2007-06-07 |
|
ACTION-251 |
closed |
Update the recommendation template to include justification for goals |
Tyler Close |
2007-06-07 |
|
ACTION-252 |
closed |
Map out some study proposals for existing recommendations, co-ordinate with Rachna who owns usability testing plan in general |
Serge Egelman |
2007-07-15 |
|
ACTION-253 |
closed |
Write up a proposed recommendation about browser lock down mode (eg: no script, etc) |
Tim Hahn |
2007-06-07 |
|
ACTION-254 |
closed |
revise sbm proposal |
Daniel Schutzer |
2007-06-15 |
|
ACTION-255 |
closed |
Email beltzner photo of whiteboard |
Yngve Pettersen |
2007-06-07 |
|
ACTION-256 |
closed |
Summarize and bring back issues to working group |
Mike Beltzner |
2007-08-08 |
|
ACTION-257 |
closed |
Expand on the proposal and incorporate today\\\\\\\\\\\\\\\\\'s discussions |
Rachna Dhamija |
2007-07-11 |
|
ACTION-258 |
closed |
Create template out of Threat Trees (with sample threats) |
Rachna Dhamija |
2007-06-13 |
|
ACTION-259 |
closed |
Work with Stephen, Chuck to revisit threat trees; work out process to join them to substantial work |
Rachna Dhamija |
2007-06-27 |
|
ACTION-260 |
closed |
to write up non-indication cert attribute |
Phillip Hallam-Baker |
2007-06-29 |
|
ACTION-261 |
closed |
Revisit section 3 of BMA study results |
Daniel Schutzer |
2007-06-20 |
|
ACTION-262 |
closed |
Share study on effectiveness of trust seals in SharedBookmarks |
Serge Egelman |
2007-06-20 |
|
ACTION-263 |
closed |
Review list of security information this week |
Bill Doyle |
2007-07-04 |
|
ACTION-264 |
closed |
Complete secure letterhead template |
Phillip Hallam-Baker |
2007-07-04 |
|
ACTION-265 |
closed |
Move Page Info Summary to template format |
Johnathan Nightingale |
2007-07-10 |
|
ACTION-266 |
closed |
Put liaison list into wiki |
Mary Ellen Zurko |
2007-08-01 |
|
ACTION-267 |
closed |
Attend tam BOF in Chicago, wave WSC flag, report back |
Thomas Roessler |
2007-07-18 |
|
ACTION-268 |
closed |
Phrase conformance language for fully securing sites |
Phillip Hallam-Baker |
2007-08-10 |
|
ACTION-269 |
closed |
Extract changes from ISSUE-6, sort out \"prior interaction\" confusion, if any |
Tyler Close |
2007-08-08 |
|
ACTION-270 |
closed |
Implement issue disposal as described in resolution above in minutes |
Thomas Roessler |
2007-07-25 |
|
ACTION-271 |
closed |
Prod authors of CertErr, RecRevisitingPastDecisions, EVCert, Letterhead about template conformance; deadline for answers is either this Friday or next meeting |
Shawn Duffy |
2007-07-25 |
|
ACTION-272 |
closed |
Draft proposal for self-signed certs over beer with Thomas |
Stephen Farrell |
2007-07-25 |
|
ACTION-273 |
closed |
Define categories in glossary |
Mary Ellen Zurko |
2007-08-01 |
|
ACTION-274 |
closed |
experiment with lc-comments-tracker and report back |
Bill Doyle |
2007-11-30 |
|
ACTION-275 |
closed |
make fette supply use case on previous interaction site being blacklisted |
Ian Fette |
2007-08-03 |
|
ACTION-276 |
closed |
Rewrite favicons material in light of call\\\'s discussion (try generalizing usefully) |
Thomas Roessler |
2007-08-08 |
|
ACTION-277 |
closed |
Supply definition of \"location par\" and put it into glossary |
Tim Hahn |
2007-08-08 |
|
ACTION-278 |
closed |
check on linux platform |
Audian Paxson |
2007-08-22 |
|
ACTION-279 |
closed |
Rewrite first four requirements in 5.1.1 in view of call discussion |
Thomas Roessler |
2007-08-15 |
|
ACTION-280 |
closed |
Implement resolution to drop "user agents MAY augment industry standards" |
Thomas Roessler |
2007-08-15 |
|
ACTION-281 |
closed |
Update 5.2 according to call's discussion |
Thomas Roessler |
2007-08-22 |
|
ACTION-282 |
closed |
Obtain disclaimer-style text for Additional Security Context Information |
Anil Saldhana |
2007-08-29 |
|
ACTION-283 |
closed |
Contribute references to support 5.3.1 |
Serge Egelman |
2007-08-29 |
|
ACTION-284 |
closed |
suggest fine-tuning of terminology in section 4 |
Phillip Hallam-Baker |
2007-10-03 |
|
ACTION-285 |
closed |
propose list of references on strong/weak algorithms; intent to *reference*, not *import* |
Yngve Pettersen |
2007-09-12 |
|
ACTION-286 |
closed |
Change 4.5.4 into generic "if https typed, then expectation of strong security" text |
Anil Saldhana |
2007-09-05 |
|
ACTION-287 |
closed |
Turn 4.3.4 into "there's a bucket for weak policy OIDS, some of these are intentionally so" style language |
Anil Saldhana |
2007-09-05 |
|
ACTION-288 |
closed |
Propose refinement for unsafe redirects going full cricle |
Thomas Roessler |
2007-09-12 |
|
ACTION-289 |
closed |
Add issue about http-https redirects to draft |
Thomas Roessler |
2007-09-12 |
|
ACTION-290 |
closed |
Incorporate references from http://lists.w3.org/Archives/Public/public-wsc-wg/2007Sep/0014.html |
Anil Saldhana |
2007-09-12 |
|
ACTION-291 |
closed |
Create a Section for References (PlaceHolder) |
Anil Saldhana |
2007-09-12 |
|
ACTION-292 |
closed |
Incorporate Mike McCormick 's General Principles (Section 5.3) |
Anil Saldhana |
2007-10-03 |
|
ACTION-293 |
closed |
Update Browser Lockdown section per the discussion in this call and the comments on the list. |
Tim Hahn |
2007-11-14 |
|
ACTION-294 |
closed |
Review threat trees draft wrt dns poisoning |
Bill Doyle |
2007-10-20 |
|
ACTION-295 |
closed |
Refine SBM conformance language accourding to 9/12 minutes |
Thomas Roessler |
2007-09-24 |
|
ACTION-296 |
closed |
Add to editor's draft (Mozilla Robustness Practices) |
Anil Saldhana |
2007-09-26 |
|
ACTION-297 |
closed |
Make sure it is in editor's draft (Strong/Weak Algorithm Action by Yngve) |
Anil Saldhana |
2007-09-26 |
|
ACTION-298 |
closed |
Send email out to list to get clarification on user intervention surrounding installing software |
Johnathan Nightingale |
2007-10-03 |
|
ACTION-299 |
closed |
Draft a definition of whack-a-mole in 7.3.2 text |
Johnathan Nightingale |
2007-10-03 |
|
ACTION-300 |
closed |
Write up additional conformance language for pet name components of PII Editor Bar recommendation |
Tyler Close |
2007-10-09 |
|
ACTION-301 |
closed |
Write email to usability study people re identity signal stuff |
Johnathan Nightingale |
2007-10-09 |
|
ACTION-302 |
closed |
Create sketches and interaction notes to send to usability testing group |
Daniel Schutzer |
2007-10-09 |
|
ACTION-303 |
closed |
Find someone to help with what's needed for UI and prototypes for page security scoring usability testing |
Michael McCormick |
2007-10-09 |
|
ACTION-304 |
closed |
Produce demo or lo-fi protype of secure letterhead |
Phillip Hallam-Baker |
2007-11-15 |
|
ACTION-305 |
closed |
Get back to maritzaj on what questions he has, or any lack thereof |
Tim Hahn |
2007-11-14 |
|
ACTION-306 |
closed |
Drop editor's note into conformance labels section to explain what it's supposed to mean |
Thomas Roessler |
2007-10-09 |
|
ACTION-307 |
closed |
Propose language based on McCormick's slides |
Mary Ellen Zurko |
2007-10-09 |
|
ACTION-308 |
closed |
Re-work "use case 2" from issue 83 into general language about disabilities to insert into section 6 of use case note due 2007-10-3 |
Thomas Roessler |
2007-10-09 |
|
ACTION-309 |
closed |
Draft generic accessibility text for section 6, to go before subsection 6.1 |
Thomas Roessler |
2007-10-09 |
|
ACTION-310 |
closed |
Tracker configuration: repair non-appearance of posts from member-wsc-wg mailing list |
Thomas Roessler |
2007-10-05 |
|
ACTION-311 |
closed |
Tracker configuration: repair non-appearance of posts from member-wsc-wg mailing list |
Thomas Roessler |
2007-10-05 |
|
ACTION-312 |
closed |
Provide a first pass of associating wiki links with the FPWD text |
Mary Ellen Zurko |
2007-10-10 |
|
ACTION-313 |
closed |
Change EV to "augmented assurance" in editor's draft |
Thomas Roessler |
2007-10-10 |
|
ACTION-314 |
closed |
to add language to 5.2, SHOULD list, to show any/all logotypes available from AA certs |
Thomas Roessler |
2007-10-10 |
|
ACTION-315 |
closed |
Not AA, then domain name info from CN or subjectAltName; if AA, then Organization attribute from subject; always: organization attribute from issuer; close ISSUE-99 |
Ian Fette |
2007-10-10 |
|
ACTION-316 |
closed |
Add language to 5.1.2 to display info as follows:if not AA, then domain name info from CN or subjectAltName; if AA, then Organization attribute from subject; always: organization attribute from issuer; close ISSUE-99 |
Thomas Roessler |
2007-10-10 |
|
ACTION-317 |
closed |
Note the open discussion about how PII notions of cert-handling fold into the rest of the document, particularly around self-signed certs and KCM |
Thomas Roessler |
2008-01-21 |
ISSUE-103 |
ACTION-318 |
closed |
Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI |
Bill Doyle |
2007-12-30 |
ISSUE-104 |
ACTION-319 |
closed |
Add text in section 5 to note that "no cookies => no tracking" doesn't hold, re ISSUE-105 |
Thomas Roessler |
2007-10-10 |
|
ACTION-320 |
closed |
Add authoring BP re HTTPS -> HTTP submits (issue-107) |
Anil Saldhana |
2008-01-19 |
ISSUE-107 |
ACTION-321 |
closed |
to look for cyphersuite strength standard that we can reference |
Bill Doyle |
2007-10-31 |
|
ACTION-322 |
closed |
To call for proposals on this issue |
Mary Ellen Zurko |
2007-11-07 |
|
ACTION-323 |
closed |
Respond with a proposal on issue 115 |
William Eburn |
2007-11-07 |
ISSUE-115 |
ACTION-324 |
closed |
Drop success criteria into wiki |
Mary Ellen Zurko |
2007-11-12 |
|
ACTION-325 |
closed |
Coordinate with hypertext CG re a11y issues |
Mary Ellen Zurko |
2007-11-12 |
|
ACTION-326 |
closed |
Transfer RobustSharedSecret into section 8.2 |
Thomas Roessler |
2007-11-19 |
|
ACTION-327 |
closed |
Generalize 8.1.2 to be not specific to visual interfaces |
Thomas Roessler |
2007-11-19 |
ISSUE-115 |
ACTION-328 |
closed |
Propose techniques for not obviously spoofable audio presentation based on discussion above suitable for 8.3.2 |
William Eburn |
2007-11-12 |
ISSUE-115 |
ACTION-329 |
closed |
Review 8.2 to ensure suitability of language in non-visual contexts |
Bruno von Niman |
2007-11-12 |
ISSUE-115 |
ACTION-330 |
closed |
Clarify requirements for usability testing for conformance by e-mail |
Ian Fette |
2007-11-13 |
ISSUE-112 |
ACTION-331 |
closed |
Work toward worked example of usability testing for conformance |
Maritza Johnson |
2007-11-23 |
ISSUE-112 |
ACTION-332 |
closed |
Elaborate on ISSUE-3 |
Stephen Farrell |
2007-11-13 |
|
ACTION-333 |
closed |
Elaborate on ISSUE-4 |
Stephen Farrell |
2007-11-13 |
|
ACTION-334 |
closed |
propose language on bookmark APIs |
Anil Saldhana |
2008-01-24 |
ISSUE-95 |
ACTION-335 |
closed |
Outline discussion topics for ISSUE-96 |
Ian Fette |
2007-11-13 |
|
ACTION-336 |
closed |
Propose material for ISSUE-106 |
Stephen Farrell |
2007-12-21 |
|
ACTION-337 |
closed |
Prod serge about SSL error study; re ISSUE-107 |
Rachna Dhamija |
2007-11-13 |
|
ACTION-338 |
closed |
Prepare discussion topics for Safe Browsing Mode; see ISSUE-108 |
Phillip Hallam-Baker |
2007-12-05 |
ISSUE-108 |
ACTION-339 |
closed |
Propose authoring best practice for ISSUE-110 |
Yngve Pettersen |
2007-11-13 |
ISSUE-110 |
ACTION-340 |
closed |
Gather data about cost of TLS deployment |
Phillip Hallam-Baker |
2007-12-10 |
|
ACTION-341 |
closed |
Send message to tag list about digest auth issue |
Hal Lockhart |
2007-11-13 |
|
ACTION-342 |
closed |
Write up "comment disposition process" in wiki |
Mary Ellen Zurko |
2007-11-21 |
|
ACTION-343 |
closed |
Begin examining some of the recommendations, write down the underlying assumptions for success, then list any prior studies that have already examined those assumptions, and possibly how to test the untested assumptions |
Serge Egelman |
2008-01-29 |
User Studies |
ACTION-344 |
closed |
Propose normative material on audio logotypes; ISSUE-120 |
Thomas Roessler |
2007-11-22 |
ISSUE-120 |
ACTION-345 |
closed |
Begin designing lo-fi user study for Browser Lockdown |
Maritza Johnson |
2008-02-28 |
|
ACTION-346 |
closed |
Propose alternate text to section 8.1.2 which captures the need to prevent spoofing, without over-restricting |
Johnathan Nightingale |
2007-11-28 |
faviconsAndMore |
ACTION-347 |
closed |
Propose "chinese whispers" proof messaging for section 8.1 |
Phillip Hallam-Baker |
2007-12-05 |
faviconsAndMore |
ACTION-348 |
closed |
propose new language for 5.3.7 Trusted Certificates and surrounding terminology issues |
Stephen Farrell |
2007-12-06 |
ISSUE-113 |
ACTION-349 |
closed |
verify that normative material from WhatIsASecurePage was fully incorporated in wsc-xit |
Yngve Pettersen |
2007-12-09 |
|
ACTION-350 |
closed |
report about browser security model discussions |
Tyler Close |
2008-07-16 |
|
ACTION-351 |
closed |
Close this dummy action right away |
Thomas Roessler |
2007-12-04 |
|
ACTION-352 |
closed |
request ISSUE-114 on f2f agenda |
Thomas Roessler |
2008-01-25 |
ISSUE-114 |
ACTION-353 |
closed |
Convert his fwpd review notes into issues against the document |
Johnathan Nightingale |
2008-01-04 |
|
ACTION-354 |
closed |
grow a beard |
Johnathan Nightingale |
2007-12-24 |
|
ACTION-355 |
closed |
Describe algorithms commonly used to create display names of certificates |
Yngve Pettersen |
2007-12-12 |
ISSUE-121 |
ACTION-356 |
closed |
incorporate ISSUE-126 text into wsc-xit |
Thomas Roessler |
2008-01-21 |
ISSUE-126 |
ACTION-357 |
closed |
make hovering effects in wsc-xit less conspicuous |
Thomas Roessler |
2008-02-28 |
|
ACTION-358 |
closed |
ISSUE-116 : Propose language based on last sentence of 2b and the discussion in 12/12's meeting |
Hal Lockhart |
2007-12-19 |
|
ACTION-359 |
closed |
Follow up on ISSUE-131 thread to propose removing 8.3.2.3 in email |
Ian Fette |
2007-12-19 |
Code outside browser |
ACTION-360 |
closed |
Editorial changes from Mez' xit review of December 2007 - see Related notes |
Thomas Roessler |
2008-01-25 |
wsc-xit |
ACTION-361 |
closed |
review wsc-xit |
Phillip Hallam-Baker |
2008-02-02 |
|
ACTION-362 |
closed |
review wsc-xit |
William Eburn |
2008-01-13 |
|
ACTION-363 |
closed |
provide comments for WSC-XIT review |
Ian Fette |
2007-12-22 |
wsc-xit |
ACTION-364 |
closed |
remove non-interaction certs while merging Stephen's rewrite |
Thomas Roessler |
2008-02-06 |
ISSUE-119 |
ACTION-365 |
closed |
Propose subjAltName text for 7.1 |
Tyler Close |
2008-09-04 |
ISSUE-122 |
ACTION-366 |
closed |
Explicitly address the attributes called out here in terms of the matching algorithm, and work offline with stephenf for his clarification on dc= (and anything else) |
Tyler Close |
2008-09-05 |
ISSUE-122 |
ACTION-367 |
closed |
Incorporate the editorial change comments from Tim H's review into wsc-usecases |
Tyler Close |
2008-01-28 |
|
ACTION-368 |
closed |
Draft reversibility text for 7.2.4 |
Tyler Close |
2008-09-05 |
ISSUE-123 |
ACTION-369 |
closed |
Draft some language about webarch interactions for ISSUE-123 |
Thomas Roessler |
2008-01-25 |
ISSUE-123 |
ACTION-370 |
closed |
Draft language to reference RFC 3766 or successors in a useful way |
Bill Doyle |
2008-03-01 |
ISSUE-128 |
ACTION-371 |
closed |
Take a stab at ISSUE-124 |
Anil Saldhana |
2008-11-07 |
ISSUE-124 |
ACTION-372 |
closed |
Propose high-level wording instead of 7.6 http://www.w3.org/TR/wsc-xit/#safebar-onscreenmask; ISSUE-125 |
Thomas Roessler |
2008-01-23 |
ISSUE-125 |
ACTION-373 |
closed |
Poll al G about shoulder surfing attacks in context of assistive technologies |
Mary Ellen Zurko |
2008-01-23 |
ISSUE-125 |
ACTION-374 |
closed |
Rewrite page security score section |
Tim Hahn |
2008-01-23 |
ISSUE-129 |
ACTION-375 |
closed |
link from wsc-xit to issues |
Anil Saldhana |
2008-01-23 |
|
ACTION-376 |
closed |
Rewrite 5.5.3 to tie certificate storage to history |
Johnathan Nightingale |
2008-02-22 |
|
ACTION-377 |
closed |
Change 7.8 to say "need to ask user about change" |
Thomas Roessler |
2008-01-30 |
|
ACTION-378 |
closed |
Implement ISSUE-120 results |
Thomas Roessler |
2008-01-31 |
|
ACTION-379 |
closed |
Remove ISSUE-120 reference from ED |
Thomas Roessler |
2008-01-31 |
|
ACTION-380 |
closed |
Send email to list regarding ISSUE-131 containing full text of new proposal, and will close out the issue |
Thomas Roessler |
2008-02-06 |
|
ACTION-381 |
closed |
Change 9.5 in line with ISSUE-130 discussion ago; close issue. |
Thomas Roessler |
2008-02-06 |
|
ACTION-382 |
closed |
Bring up generic techniques for trust root changeover |
Yngve Pettersen |
2008-02-06 |
|
ACTION-383 |
closed |
Change editor's draft as outlined above [restructure 8.2-8.3] |
Thomas Roessler |
2008-03-21 |
|
ACTION-384 |
closed |
Propose lang about currently interacted primary chrome always visible on screen [do jointly with ACTION-383, restructure 8.2-8.4] |
Thomas Roessler |
2008-03-21 |
|
ACTION-385 |
closed |
Replace 9.3 by text above |
Thomas Roessler |
2008-02-28 |
|
ACTION-386 |
closed |
Update 9.2 with statement above |
Thomas Roessler |
2008-02-28 |
|
ACTION-387 |
closed |
Write replacement text for 5.1.3 |
Phillip Hallam-Baker |
2008-02-13 |
|
ACTION-388 |
closed |
Update definition of 5.1.4 |
Thomas Roessler |
2008-03-14 |
|
ACTION-389 |
closed |
Write up error levels |
Serge Egelman |
2008-02-13 |
|
ACTION-390 |
closed |
Make it so [clean-up of error messages part of spec] |
Thomas Roessler |
2008-03-31 |
|
ACTION-391 |
closed |
Extract out petnames content, provide definition independent of section 7 |
Tyler Close |
2008-02-22 |
|
ACTION-392 |
closed |
Merge http://lists.w3.org/Archives/Public/public-wsc-wg/2007Dec/0005.html |
Thomas Roessler |
2008-03-14 |
|
ACTION-393 |
closed |
Draft replacement text for section 9.1 (trust indicators in content) |
Thomas Roessler |
2008-03-14 |
|
ACTION-394 |
closed |
Fix grammar error in 9.5 |
Thomas Roessler |
2008-02-28 |
|
ACTION-395 |
closed |
Draft elaborated text to section 9.6 re: synchronization of cues |
Tim Hahn |
2008-02-20 |
|
ACTION-396 |
closed |
Work with tyler to get wsc-usecases published as note |
Thomas Roessler |
2008-03-05 |
|
ACTION-397 |
closed |
Add "will use the opera block" to registration form |
Thomas Roessler |
2008-03-05 |
|
ACTION-398 |
closed |
Link oslo logistics from WSC/Group |
Thomas Roessler |
2008-03-05 |
|
ACTION-399 |
closed |
Try to craft some text that revolves around weak/strong signalling |
Ian Fette |
2008-03-05 |
|
ACTION-400 |
closed |
Merge text from ACTION-376 (history storage language) |
Thomas Roessler |
2008-03-25 |
|
ACTION-401 |
closed |
Document/Screencap Larry as a lo-fi prototype candidate for the identity signal |
Johnathan Nightingale |
2008-03-07 |
|
ACTION-402 |
closed |
Put acknowledgements in xit |
Anil Saldhana |
2009-05-22 |
props |
ACTION-403 |
closed |
Check reservation code for f2f hotel |
Yngve Pettersen |
2008-03-26 |
|
ACTION-404 |
closed |
Propose wording for 7.1 (chrome and UI practices) to weaken requirement to stuff that makes sense in a given context |
Stephen Farrell |
2008-03-26 |
|
ACTION-405 |
closed |
Get johnath to clarify applicability and description of crossing chrome-content border, or find other volunteer |
Thomas Roessler |
2008-03-26 |
|
ACTION-406 |
closed |
Point out user burden concerns w/ petnames in detail |
Ian Fette |
2008-03-26 |
|
ACTION-407 |
closed |
Refine petname proposal in light of 2008-03-19 call's discussion |
Tyler Close |
2008-03-26 |
|
ACTION-408 |
closed |
Merge ACTION-399 result and Mez's framework for TLS indicator. http://www.w3.org/mid/OF2C1C81FA.89D109DC-ON852573F7.004AB8EA-852573F7.00507540@LocalDomain http://www.w3.org/mid/bbeaa26f0803031142h2a576de4h7e5e98dc59228fe5@mail.gmail.com |
Thomas Roessler |
2008-03-26 |
|
ACTION-409 |
closed |
Revise "MUST include applicable DNS name" based on discussion |
Thomas Roessler |
2008-04-02 |
|
ACTION-410 |
closed |
Update section 5.1.5. Replace last sentence with: "A pinned self-signed certificate SHOULD be considered sufficient identification to allow user agents to associate a Petname with the site, if supported." |
Anil Saldhana |
2008-04-17 |
|
ACTION-411 |
closed |
Apply change about multiple error conditions |
Anil Saldhana |
2008-04-17 |
|
ACTION-412 |
closed |
Number bulleted list in 5.5.1, and while doing so, swap first two bullets. |
Anil Saldhana |
2008-04-17 |
|
ACTION-413 |
closed |
Add stephenF's note re newly pinned certs to 5.5.1 and re-iterate it in security considerations section |
Anil Saldhana |
2008-04-17 |
|
ACTION-414 |
closed |
Revive relaxed path validation and use it from error handling part of spec |
Thomas Roessler |
2008-04-11 |
|
ACTION-415 |
closed |
Add above text to 5.5.1 TLS errors |
Anil Saldhana |
2008-05-08 |
|
ACTION-416 |
closed |
Draft proposal for slightly stricter variant of relaxed and basic |
Phillip Hallam-Baker |
2008-05-09 |
|
ACTION-417 |
closed |
investigate completeness of error handling wrt TLS extensions |
Stephen Farrell |
2008-05-15 |
|
ACTION-418 |
closed |
Make edit about terms of art, threat to user's interests to 6.4.1 (common error interaction reqs) |
Anil Saldhana |
2008-04-23 |
|
ACTION-419 |
closed |
Either strike last para of 6.4.1 or propose alternative |
Thomas Roessler |
2008-06-06 |
|
ACTION-420 |
closed |
Change 6.4.2 (notification / status) to include "MAY solicit user interaction" |
Anil Saldhana |
2008-04-23 |
|
ACTION-421 |
closed |
Make 6.4.4 accessible |
Anil Saldhana |
2008-05-16 |
wsc-xit |
ACTION-422 |
closed |
Incorporate Stephen's suggested change/clarification |
Anil Saldhana |
2008-05-16 |
SharedSecretWithWhom |
ACTION-423 |
closed |
incorporate DangerWillRobinson |
Anil Saldhana |
2008-05-16 |
DangerWillRobinson |
ACTION-424 |
closed |
Clean comments out of wsc-xit |
Anil Saldhana |
2008-05-23 |
wsc-xit |
ACTION-425 |
closed |
Incorporate agreed text for ISSUE-116 |
Anil Saldhana |
2008-05-29 |
ReconfigureChrome |
ACTION-426 |
closed |
Incorporate ISSUE-128 text |
Thomas Roessler |
2008-06-16 |
ISSUE-128 |
ACTION-427 |
closed |
propose language for SSC section that covers "locally configured trust anchor is actually shown by server" edge case |
Thomas Roessler |
2008-06-06 |
|
ACTION-428 |
closed |
Incorporate ISSUE-183 def to spec |
Anil Saldhana |
2008-05-29 |
ISSUE-183 |
ACTION-429 |
closed |
Take care of luis's email |
Anil Saldhana |
2008-06-07 |
|
ACTION-430 |
closed |
Write up grammar/spelling edits for anil |
Luis Barriga |
2008-05-20 |
wsc-xit |
ACTION-431 |
closed |
Draft plugin-related elaboration text (section 4ish?) |
Mary Ellen Zurko |
2008-05-20 |
|
ACTION-432 |
closed |
Incorporate the changed industry standard to practices text |
Anil Saldhana |
2008-05-20 |
ISSUE-134 |
ACTION-433 |
closed |
Change robustness-apis-obscure-security-ui to include For visual user agents, browser chrome SHOULD always be present to signal security context information. This requirement does not apply when UI is explicitly dismissed by the user, e.g. by switching to full screen mode." |
Anil Saldhana |
2008-05-20 |
ConformanceChrome |
ACTION-434 |
closed |
Add robustness-obscuring xrefs to identity signal and TLS signal |
Anil Saldhana |
2008-05-31 |
|
ACTION-435 |
closed |
Update 7.1.2 to contain the proposed text (superceding earlier changes) |
Anil Saldhana |
2008-05-20 |
MultiPageChrome |
ACTION-436 |
closed |
Update section 7.4.1 with the proposed text |
Anil Saldhana |
2008-05-20 |
SizeMatters |
ACTION-437 |
closed |
Update 7.4.4 to use SHOULD instead of [MAY|SHOULD] |
Anil Saldhana |
2008-05-20 |
RestrictPopups |
ACTION-438 |
closed |
Draft alternate text around requiring saved SSL state |
Thomas Roessler |
2008-05-20 |
ISSUE-169 |
ACTION-439 |
closed |
Remove relaxed path validation section and references |
Anil Saldhana |
2008-05-20 |
relaxedpathvalidation |
ACTION-440 |
closed |
Remove Conformance Labels section 3.2 |
Anil Saldhana |
2008-05-20 |
RemoveEmptiness |
ACTION-441 |
closed |
Draft list of workgroups in response to ISSUE-74 |
Thomas Roessler |
2008-06-06 |
ISSUE-74 |
ACTION-442 |
closed |
Rephrase 5.1.6 as described |
Anil Saldhana |
2008-06-14 |
wsc-xit |
ACTION-443 |
closed |
Include proposal v6 changes to 6.4.4 |
Anil Saldhana |
2008-05-20 |
Be the user's agent and do their bidding |
ACTION-444 |
closed |
Take XHR-over-https questions to webapi |
Thomas Roessler |
2008-05-20 |
|
ACTION-445 |
closed |
Remove the quoted section of TLS Errors, concerned with failed status revocation checks |
Anil Saldhana |
2008-06-10 |
ISSUE-201 |
ACTION-446 |
closed |
Draft uncontroversial text to update section 3.1 and insert it |
Thomas Roessler |
2008-06-10 |
ISSUE-202 |
ACTION-447 |
closed |
Petname refinement on presentation |
Anil Saldhana |
2008-05-23 |
wsc-xit |
ACTION-448 |
closed |
clarify cert status and network errors |
Anil Saldhana |
2008-06-04 |
wsc-xit |
ACTION-449 |
closed |
Luis' editorial updates |
Anil Saldhana |
2008-06-07 |
wsc-xit |
ACTION-450 |
closed |
Update section 5.3 (Mixed Content) to include proposal 2 text |
Anil Saldhana |
2008-05-29 |
ISSUE-200 |
ACTION-451 |
closed |
Add extension text to section 4.1, and possibly merge/reorg sections 3 and 4 |
Thomas Roessler |
2008-06-06 |
Plugin Problems |
ACTION-452 |
closed |
Update 5.5.1 with wiki text, and possibly edit 5.1.5 to avoid "pinning" repetition |
Thomas Roessler |
2008-06-06 |
|
ACTION-453 |
closed |
Provide initial draft of security considerations for EV mixed with DV case |
Yngve Pettersen |
2008-05-30 |
securityconsiderations |
ACTION-454 |
closed |
Add section 9.2 based on issue-205 text |
Anil Saldhana |
2008-05-21 |
|
ACTION-455 |
closed |
Dd that wording to 5.1.2 |
Johnathan Nightingale |
2008-05-21 |
|
ACTION-456 |
closed |
Say why validated certs are worthy of so much reliance, for security considerations |
Thomas Roessler |
2008-06-06 |
securityconsiderations |
ACTION-457 |
closed |
Give overview of why logotypes are interesting in security considerations section |
Phillip Hallam-Baker |
2008-06-11 |
securityconsiderations |
ACTION-458 |
closed |
Add a couple of sentences about what the security consideration section means |
Anil Saldhana |
2008-06-20 |
securityconsiderations |
ACTION-459 |
closed |
Do issue-207 |
Anil Saldhana |
2008-05-21 |
|
ACTION-460 |
closed |
Include ISSUE-208 text in section 9 (with edits as needed) |
Thomas Roessler |
2008-06-06 |
human readable names |
ACTION-461 |
closed |
Alter 6.4.1 accordingly |
Thomas Roessler |
2008-06-06 |
|
ACTION-462 |
closed |
Correct link words that have a definition (such as Web user agents) in the first occurrence in a subsection |
Anil Saldhana |
2008-06-20 |
|
ACTION-463 |
closed |
Add ISSUE-210 text to section 9, with edit to reference "managing user attention" section |
Thomas Roessler |
2008-06-06 |
Warning Fatigue |
ACTION-464 |
closed |
Merge acknowledgments (sections 10 and 2) to 2 |
Anil Saldhana |
2008-05-21 |
|
ACTION-465 |
closed |
Remove sqbrackets from identity signal section |
Thomas Roessler |
2008-06-06 |
nosqbrackets |
ACTION-466 |
closed |
Create an issue for concrete proposals around "can we just make text generic to not refer to desktops or smart phones or hand held devices" |
Anil Saldhana |
2008-06-20 |
|
ACTION-467 |
closed |
Cut off "before " e.g. by switching to |
Anil Saldhana |
2008-05-21 |
|
ACTION-468 |
closed |
Make spelling changes in ISSUE-209 |
Anil Saldhana |
2008-05-21 |
|
ACTION-469 |
closed |
Cut off action433 result before the "e.g. by switching to ....." |
Anil Saldhana |
2008-05-21 |
|
ACTION-470 |
closed |
Create FPWD of best practices for web authors, remove section 8 and references from wsc-xit |
Thomas Roessler |
2008-06-06 |
|
ACTION-471 |
closed |
Replace text in 6.1.1 and 6.3 as drafted above. |
Thomas Roessler |
2008-05-21 |
|
ACTION-472 |
closed |
Drop "desktop" in 4.2.1 3rd and 5th paragraphs |
Anil Saldhana |
2008-05-21 |
|
ACTION-473 |
closed |
Add "device manufactures" to list in 5.1.1, 2nd paragraphs |
Anil Saldhana |
2008-05-21 |
|
ACTION-474 |
closed |
Drop word "desktop" in 7.2 1st paragraph |
Anil Saldhana |
2008-05-21 |
Smartphones |
ACTION-475 |
closed |
Move appendix content to a new document for "post-june" |
Thomas Roessler |
2008-06-06 |
|
ACTION-476 |
closed |
Create list of usability claims and issues for potential testing of petnames section 5.1.6 |
Tyler Close |
2008-05-28 |
|
ACTION-477 |
closed |
Put soaps position paper in shared bookmarks |
Mary Ellen Zurko |
2008-07-18 |
|
ACTION-478 |
closed |
Pull together UT background on 7.1.1 robustness recommendation (shared secret) |
Joe Steele |
2008-07-17 |
|
ACTION-479 |
closed |
Pull together usability testing data from archives in 2 weeks |
Maritza Johnson |
2008-06-04 |
|
ACTION-480 |
closed |
compile feature list for sections 5 and 6 |
Bill Doyle |
2009-03-10 |
|
ACTION-481 |
closed |
write up initial thoughts on section 7 conformance testing |
Thomas Roessler |
2008-06-15 |
|
ACTION-482 |
closed |
Massage ACTION-453 text slightly and merge it into document |
Thomas Roessler |
2008-06-18 |
|
ACTION-483 |
closed |
Turn "MUST NOT unless" into something without negation, around "history mechanism about security information", context pinning |
Thomas Roessler |
2008-06-18 |
|
ACTION-484 |
closed |
Figure out whether mixed mode conformance claims are accurate for images |
Johnathan Nightingale |
2008-06-18 |
|
ACTION-485 |
closed |
Insert "derived" in "web user agents MUST NOT display identity information from" |
Thomas Roessler |
2008-06-18 |
|
ACTION-486 |
closed |
Rewrite redirection chains part |
Johnathan Nightingale |
2008-06-18 |
|
ACTION-487 |
closed |
Review and polish Overview section |
Mary Ellen Zurko |
2008-06-18 |
|
ACTION-488 |
closed |
Change short name from wsc-xit to wsc-ui |
Thomas Roessler |
2008-06-25 |
|
ACTION-489 |
closed |
Take care of publication of wsc-ui as Last Call WD |
Thomas Roessler |
2008-07-15 |
|
ACTION-490 |
closed |
Scour web and attempt to synthesize out "commonly recommended practices" for web authors |
Johnathan Nightingale |
2008-08-08 |
|
ACTION-491 |
closed |
Poll group members for site authoring expertise |
Mary Ellen Zurko |
2008-07-16 |
|
ACTION-492 |
closed |
Contact ebay about paypal web authoring best practices |
Phillip Hallam-Baker |
2008-10-17 |
|
ACTION-493 |
closed |
Write up guidelines section related to sanitizing user data |
Johnathan Nightingale |
2008-10-24 |
|
ACTION-494 |
closed |
Contact rob y about web authoring guidelines and security |
Mary Ellen Zurko |
2008-07-25 |
|
ACTION-495 |
closed |
Get tlr to help us figure out what form a test procedure takes |
Mary Ellen Zurko |
2008-09-25 |
|
ACTION-496 |
closed |
Fill out the Opera column in our features at risk table |
Yngve Pettersen |
2008-09-16 |
|
ACTION-497 |
closed |
Fill out the FF column in our features at risk table |
Johnathan Nightingale |
2008-08-08 |
|
ACTION-498 |
closed |
Write up plan for gettign to CR entry |
Mary Ellen Zurko |
2008-11-01 |
|
ACTION-499 |
closed |
Frame review of contnt transform guidelines |
Thomas Roessler |
2008-08-13 |
|
ACTION-500 |
closed |
Inquire phb about ev cert for test environment |
Mary Ellen Zurko |
2008-08-20 |
|
ACTION-501 |
closed |
Ask if Microsoft has expertise for our site development draft |
Mary Ellen Zurko |
2008-11-01 |
|
ACTION-502 |
closed |
drive test case matrix for 6.12 |
Phillip Hallam-Baker |
2008-09-03 |
|
ACTION-503 |
closed |
Frame discussion about interaction of navigation policy and security indicators |
Tyler Close |
2008-09-03 |
|
ACTION-504 |
closed |
Propose comment on mobileOK test; propose on list with 24h objection period |
Thomas Roessler |
2008-09-03 |
|
ACTION-505 |
closed |
Propose comment re https lnk rewriting, client-side certs and channel bindings |
Thomas Roessler |
2008-09-03 |
|
ACTION-506 |
closed |
Update reference to 5280 |
Thomas Roessler |
2008-09-03 |
|
ACTION-507 |
closed |
Propose detailed edit in response to http://lists.w3.org/Archives/Public/public-wsc-wg/2008Aug/0032.html |
Thomas Roessler |
2008-09-09 |
|
ACTION-508 |
closed |
Draft spec language about downgrading indicators to level of least-secure frame |
Ian Fette |
2008-09-10 |
|
ACTION-509 |
closed |
Draft additional security considerations about assumption that DV not issued wehn AA is available |
Tyler Close |
2009-01-29 |
|
ACTION-510 |
closed |
Draft "security state change needs to be in user's face" language |
Joe Steele |
2008-09-10 |
|
ACTION-511 |
closed |
fill in feature table with Google Chrome information, generally come back with feed-back |
Ian Fette |
2008-10-20 |
|
ACTION-512 |
closed |
Incorporate LC-2059 changes |
Anil Saldhana |
2008-12-21 |
|
ACTION-513 |
closed |
Propose response for petname-related parts of LC-2088 |
Tyler Close |
2009-01-15 |
|
ACTION-514 |
closed |
Propose change to 6.1.2 to accomodate "SHOULD NOT" concern for logotypes, possibly relating to overall AA language |
Phillip Hallam-Baker |
2008-10-17 |
|
ACTION-515 |
closed |
Propose tightened text in 7.2 |
Mary Ellen Zurko |
2008-09-26 |
|
ACTION-516 |
closed |
Put information about upcoming f2f on group homepage |
Thomas Roessler |
2008-10-01 |
|
ACTION-517 |
closed |
Check EV expectations for subjectAltName |
Yngve Pettersen |
2008-10-07 |
|
ACTION-518 |
closed |
Refine text above this action in the minutes |
Thomas Roessler |
2008-10-10 |
|
ACTION-519 |
closed |
Solicit input on wildcard implementation |
Thomas Roessler |
2008-10-01 |
|
ACTION-520 |
closed |
Draft explanation of wildcard & scaling of attacks |
Thomas Roessler |
2008-10-10 |
|
ACTION-521 |
closed |
Propose clarification for 7.1.1 |
Mary Ellen Zurko |
2008-11-01 |
|
ACTION-522 |
closed |
Send the email |
Thomas Roessler |
2008-10-15 |
|
ACTION-523 |
closed |
Answer to Jo Rabin re HTTPS beahvior in MWBP guidelines |
Thomas Roessler |
2008-10-15 |
|
ACTION-524 |
closed |
Come back with a counteroffer on this one, narrow the scope of the information to be kept to just security sensitive info |
Phillip Hallam-Baker |
2008-10-15 |
|
ACTION-525 |
closed |
Add future-proofing note to AA and O attribute |
Thomas Roessler |
2008-12-05 |
|
ACTION-526 |
closed |
Add reference to OCSP |
Thomas Roessler |
2008-12-05 |
|
ACTION-527 |
closed |
Propose response to Francois Daoust's comment |
Mary Ellen Zurko |
2008-12-20 |
|
ACTION-528 |
closed |
Write up some motivation/guidance on petnames, addressing Ian Grigg's comment |
Tyler Close |
2009-01-15 |
|
ACTION-529 |
closed |
Insert references to Key Continuity Management (KCM) in the sections on certificate pinning, since the linkage seems unclear from review comments |
Anil Saldhana |
2009-01-30 |
|
ACTION-530 |
closed |
Add preamble text which scopes our audience. While the document is intended to give UI guidance, there is an assumption that a certain level of understanding of core PKI technologies is present. |
Anil Saldhana |
2008-10-22 |
|
ACTION-531 |
closed |
Try to tease apart aspects of the document which are UI Guidelines in the traditional sense, and aspects which are principally about underlying technologies |
Maritza Johnson |
2008-11-04 |
|
ACTION-532 |
closed |
Write preamble which sets expectations for UI designers, resolves Conformance/Guidelines debate, ends world hunger |
Mary Ellen Zurko |
2008-12-20 |
|
ACTION-533 |
closed |
Ensure that the reference in 3.4.3 to AA-qualified certificates points to text with an EV reference |
Anil Saldhana |
2008-11-05 |
|
ACTION-534 |
closed |
Propose replacement text for 7.4.2 |
Ian Fette |
2009-01-22 |
|
ACTION-535 |
closed |
Add note to 5.1.5 that notes that SSC can provide protection against active attacks if KCM is in place |
Thomas Roessler |
2008-12-05 |
|
ACTION-536 |
closed |
Add CN mismatch as an example of what 6.4.1. means into spec |
Thomas Roessler |
2008-12-05 |
|
ACTION-537 |
closed |
Implement ISSUE-216 change |
Thomas Roessler |
2008-12-05 |
ISSUE-216 |
ACTION-538 |
closed |
Draft two proposals for 6.2.G |
Thomas Roessler |
2008-12-05 |
|
ACTION-539 |
closed |
Clarify first paragraph of 6.2 |
Thomas Roessler |
2008-12-05 |
ISSUE-219 |
ACTION-540 |
closed |
Fix 6.2.N, to clarify that this is not about client authentication |
Thomas Roessler |
2008-12-05 |
ISSUE-220 |
ACTION-541 |
closed |
Update spec re ISSUE-222 |
Thomas Roessler |
2008-12-05 |
ISSUE-222 |
ACTION-542 |
closed |
Update 7.1.2 (see minutes above this action) |
Thomas Roessler |
2008-12-05 |
ISSUE-223 |
ACTION-543 |
closed |
Replace 7.2 text with tightened version |
Anil Saldhana |
2008-10-30 |
wsc-xit |
ACTION-544 |
closed |
Make the text changes for Tylers proposal |
Anil Saldhana |
2008-11-14 |
|
ACTION-545 |
closed |
Put together "rearranged" document for review |
Maritza Johnson |
2008-11-19 |
|
ACTION-546 |
closed |
Change 6.1.2 as described above this action item |
Thomas Roessler |
2008-12-10 |
ISSUE-216 |
ACTION-547 |
closed |
Deal with typos from LC-2059 http://www.w3.org/2006/02/lc-comments-tracker/39814/WD-wsc-ui-20080724/2059 |
Thomas Roessler |
2008-12-23 |
|
ACTION-548 |
closed |
Add the tightened text for 7.2 |
Anil Saldhana |
2008-12-16 |
wsc-xit |
ACTION-549 |
closed |
Integrate text clarification for 5.4.1 |
Anil Saldhana |
2008-12-16 |
wsc-xit |
ACTION-550 |
closed |
Incorporate ACTION-525 text into editor's draft |
Thomas Roessler |
2009-01-14 |
|
ACTION-551 |
closed |
Put second option from ACTION-538 into editor's draft |
Thomas Roessler |
2009-01-14 |
|
ACTION-552 |
closed |
Put text from ACTION-539 into editor's draft |
Thomas Roessler |
2009-01-14 |
|
ACTION-553 |
closed |
Take change from http://lists.w3.org/Archives/Public/public-wsc-wg/2009Jan/0002.html into draft |
Thomas Roessler |
2009-01-14 |
|
ACTION-554 |
closed |
Take mez's intro section into the document, modulo the guidelines intending stuff, and core PKI technologies being used on the Web |
Thomas Roessler |
2009-01-14 |
|
ACTION-555 |
closed |
Send e-mail with proposed update to petnames proposal along lines of discussion above |
Thomas Roessler |
2009-01-14 |
|
ACTION-556 |
closed |
Put in reference to Marc Stiegler's petnames paper |
Thomas Roessler |
2009-01-14 |
|
ACTION-557 |
closed |
Replace par. 2 of 6.1.1 with above text |
Thomas Roessler |
2009-01-14 |
|
ACTION-558 |
closed |
Include change from http://lists.w3.org/Archives/Public/public-wsc-wg/2008Sep/0013.html |
Thomas Roessler |
2009-01-16 |
|
ACTION-559 |
closed |
Clarify OID / OOB designation issue in beginning of 5.1.2, see 9/24 minutes and LC-2088 |
Thomas Roessler |
2009-01-16 |
|
ACTION-560 |
closed |
Propose regrets section text for petnames |
Tyler Close |
2009-01-21 |
|
ACTION-561 |
closed |
Propose regrets section text for key continuity management |
Johnathan Nightingale |
2009-01-21 |
|
ACTION-562 |
closed |
Add some text to clarify PKI and relevant sections |
Anil Saldhana |
2009-01-28 |
|
ACTION-563 |
closed |
Change 6.1.2 bullet about SHOULD NOT render logotypes -> MUST NOT render |
Anil Saldhana |
2009-01-21 |
|
ACTION-564 |
closed |
Drop \", or execution of privileged code\" |
Thomas Roessler |
2009-02-04 |
|
ACTION-565 |
closed |
propose updated SOTD |
Thomas Roessler |
2009-01-28 |
|
ACTION-566 |
closed |
Draft comment to MWBP |
Thomas Roessler |
2009-02-04 |
|
ACTION-567 |
closed |
Incorporate ACTION-509 text |
Thomas Roessler |
2009-02-17 |
wsc-xit |
ACTION-568 |
closed |
Circulate updated SOTD |
Thomas Roessler |
2009-02-20 |
|
ACTION-569 |
closed |
Update disposition of comments based on LC commenters replies |
Thomas Roessler |
2009-02-20 |
|
ACTION-570 |
closed |
Write security considerations on cross-site xhr, scripts |
Thomas Roessler |
2009-04-01 |
|
ACTION-571 |
closed |
Draft text about showing unrelated identity signals |
Joe Steele |
2009-05-13 |
|
ACTION-572 |
closed |
Check ssl reference uri |
Thomas Roessler |
2009-04-01 |
|
ACTION-573 |
closed |
Look at scoping for 6.4 |
Thomas Roessler |
2009-04-01 |
|
ACTION-574 |
closed |
Draft initial response to Nokia comment, asking for refinement |
Thomas Roessler |
2009-04-07 |
|
ACTION-575 |
closed |
Parse current spec text regarding img with bad TLS |
Thomas Roessler |
2009-04-15 |
|
ACTION-576 |
closed |
Generate list of terms with links |
Thomas Roessler |
2009-04-15 |
|
ACTION-577 |
closed |
Fix \"primary/secondiary UI vs primary/secondary Chrome\" |
Thomas Roessler |
2009-07-17 |
|
ACTION-578 |
closed |
Clean up \"AAC\" vs \"AA certificate\" terminology |
Thomas Roessler |
2009-04-15 |
|
ACTION-579 |
closed |
Put ACTION-570 text into document |
Thomas Roessler |
2009-04-15 |
|
ACTION-580 |
closed |
Consider 5.1.2 clean-up |
Thomas Roessler |
2009-04-15 |
|
ACTION-581 |
closed |
Propose clarification of pinning re domain name |
Thomas Roessler |
2009-04-15 |
|
ACTION-582 |
closed |
Send test case description re broken inline content |
Thomas Roessler |
2009-04-22 |
|
ACTION-583 |
closed |
Implement test cases re broken inline content |
Yngve Pettersen |
2009-05-06 |
|
ACTION-584 |
closed |
Change 5.2, third <ol>, first bullet point to "TLS handshake used anonymous key exchange algorithm |
Thomas Roessler |
2009-04-22 |
|
ACTION-585 |
closed |
Check on augmented assurance indicator |
Thomas Roessler |
2009-05-01 |
|
ACTION-586 |
closed |
Create an additional sentence for the start of 6.1.1 to clarify what an identity signal is and address Nokia's comment |
Joe Steele |
2009-05-13 |
|
ACTION-587 |
closed |
Change the word 'identity' to 'displayed' in 6.2 bullet 4 |
Anil Saldhana |
2009-05-20 |
|
ACTION-588 |
closed |
Update 7.3 with the text When confronted with multiple modal interactions during a short amount time, users are known to exercise the default option (e.g., by pressing the Enter key repeatedly) until the sequence of modal interactions stops blocking the user's intended interaction. |
Anil Saldhana |
2009-05-20 |
|
ACTION-589 |
closed |
Update 3.1 or 4.2.1 as it pleases you to say This specification addresses Web user agents as a product class. "Web user agents" and "user agents" are used synonymously in this document. |
Anil Saldhana |
2009-05-20 |
|
ACTION-590 |
closed |
Update 7.4.1 to say Web user agents MUST prevent web content from obscuring, hiding, or disabling user interfaces that display security context information. |
Anil Saldhana |
2009-05-20 |
|
ACTION-591 |
closed |
Take results from action-580 and drop them into the spec |
Anil Saldhana |
2009-07-17 |
|
ACTION-592 |
closed |
Insert the text "A Web User Agent SHOULD NOT display a modal security dialog related to a Web Page which does not currently have focus. Security dialogs include prompts for user credentials, script errors and TLS errors." into a new section 7.3 |
Anil Saldhana |
2009-05-20 |
|
ACTION-593 |
closed |
Append to 5.4.1 the text "When TLS error conditions occur, user agents MAY choose to abort the connection without any further user interaction. The guidelines in this section apply when user agents choose to cause a user interaction in the case of TLS error conditions." |
Anil Saldhana |
2009-05-20 |
|
ACTION-594 |
closed |
Come up for concrete text for the second bullet in his email http://lists.w3.org/Archives/Public/public-wsc-wg/2009May/0009.html or decide not to pursue the issue |
Thomas Roessler |
2009-05-20 |
|
ACTION-595 |
closed |
Changing the section 1 overview's last paragraph to the text identified in the minutes at http://www.w3.org/2009/05/13-wsc-irc#T15-45-57 |
Anil Saldhana |
2009-05-20 |
|
ACTION-596 |
closed |
Read the spec and tell us what is bad, DUE 2009-05-27 |
Joe Steele |
2009-05-27 |
|
ACTION-597 |
closed |
Deliver an updated version of the browser implementation table for Chrome with respect to the updated spec due 2009-06-05 |
Ian Fette |
2010-02-05 |
|
ACTION-598 |
closed |
Deliver an updated version of the browser implementation table for Opera with respect to the updated spec due 2009-06-05 |
Yngve Pettersen |
2010-01-22 |
|
ACTION-599 |
closed |
Deliver an updated version of the browser implementation table for Firefox with respect to the updated spec due 2009-06-05 |
Johnathan Nightingale |
2010-01-15 |
|
ACTION-600 |
closed |
Create a template for the new browser implementation table for ian, yngve, johnath to follow |
Mary Ellen Zurko |
2009-12-04 |
|
ACTION-601 |
closed |
Review wsc-ui concerning mismatch to ucr document |
Thomas Roessler |
2009-05-27 |
|
ACTION-602 |
closed |
Add reference to 5.3 to section 6.1.2 (see minutes about this action item) |
Anil Saldhana |
2009-06-03 |
|
ACTION-603 |
closed |
Replace last paragraph of 5.3 with text above |
Anil Saldhana |
2009-06-03 |
|
ACTION-604 |
closed |
Check with Mez on 10.4 |
Thomas Roessler |
2009-06-10 |
|
ACTION-605 |
closed |
Propose more detailed text about relationship to use case note, based on previous call's minutes |
Joe Steele |
2009-06-24 |
|
ACTION-606 |
closed |
Attempt fixing yngve's point about TLS-protected or not |
Thomas Roessler |
2009-06-10 |
|
ACTION-607 |
closed |
Propose changes in 5.4.1 to clarify end entity vs intermediaries |
Joe Steele |
2009-06-10 |
|
ACTION-608 |
closed |
Perform substitution proposed in action-606 |
Thomas Roessler |
2009-06-17 |
|
ACTION-609 |
closed |
Change final clause of 5.4.4 to if form submissions from a TLS-secured page are directed to an unsecured channel. |
Anil Saldhana |
2009-07-17 |
|
ACTION-610 |
closed |
Make the change in ACTION-607 |
Anil Saldhana |
2009-07-16 |
|
ACTION-611 |
closed |
Change 5.4.4 to MAY |
Anil Saldhana |
2009-06-24 |
|
ACTION-612 |
closed |
Change 8.7 text to above (inculde "described above") |
Anil Saldhana |
2009-07-01 |
|
ACTION-613 |
closed |
Ref 6.1 in 2nd paragraph of overview as described above |
Anil Saldhana |
2009-07-01 |
|
ACTION-614 |
closed |
Change p3 to separate sentences as above |
Anil Saldhana |
2009-07-01 |
|
ACTION-615 |
closed |
Add identity information definition to 4.2 |
Anil Saldhana |
2009-07-01 |
|
ACTION-616 |
closed |
Change 5.12 and 3.4 appropriately as above |
Anil Saldhana |
2009-07-17 |
|
ACTION-617 |
closed |
Fold text above into document |
Thomas Roessler |
2009-07-15 |
|
ACTION-618 |
closed |
Make the 5.4.1 change in Joe's review comments |
Thomas Roessler |
2009-07-15 |
|
ACTION-619 |
closed |
Make the 5.4.4 change in Joe's review comments |
Thomas Roessler |
2009-07-15 |
|
ACTION-620 |
closed |
Replace second to last paragraph in 6.1.2 with the text "During interactions with a mixed content Web page, the identity signal MUST NOT include any site identity information exceeding that in use for unprotected HTTP transactions. In this situation, the identity signal MAY include indicators that point out any error conditions that occurred." |
Anil Saldhana |
2009-07-22 |
|
ACTION-621 |
closed |
Clean up 7.4.1 such that "informatio" becomes "information" |
Anil Saldhana |
2009-07-22 |
|
ACTION-622 |
closed |
Fix XHR references in 8.7 |
Thomas Roessler |
2009-07-22 |
|
ACTION-623 |
closed |
Move revised ACTION-617 text into editor's draft, send note to list |
Thomas Roessler |
2009-08-06 |
|
ACTION-624 |
closed |
Amend "web user agent" and "browser" as above |
Anil Saldhana |
2009-10-08 |
|
ACTION-625 |
closed |
Specify that chrome refers to both primary and secondary ui |
Thomas Roessler |
2009-12-31 |
|
ACTION-626 |
closed |
Make change in issue-228 (upcase) |
Anil Saldhana |
2009-10-08 |
|
ACTION-627 |
closed |
Change "for" to "by" in last paragraph of 7.4.1 |
Anil Saldhana |
2009-09-30 |
|
ACTION-628 |
closed |
Change the content based on ISSUE-230 |
Anil Saldhana |
2009-10-14 |
|
ACTION-629 |
closed |
Strike 3rd para of 7.4.2 and ref 8.5 from 6.3 |
Thomas Roessler |
2009-10-14 |
|
ACTION-630 |
closed |
Craft change to cover apis and tags for bookmarking |
Thomas Roessler |
2009-10-14 |
|
ACTION-631 |
closed |
Put out email on the select issue and spec text |
Mary Ellen Zurko |
2009-11-04 |
|
ACTION-632 |
closed |
Clarify in the specification |
Mary Ellen Zurko |
2009-11-04 |
|
ACTION-633 |
closed |
Put out proposed update on install to clarify |
Mary Ellen Zurko |
2009-11-04 |
|
ACTION-634 |
closed |
Propose wording change to 7.4.3 |
Mary Ellen Zurko |
2009-11-04 |
|
ACTION-635 |
closed |
Clarify "install" in 7.4.2 |
Anil Saldhana |
2009-11-27 |
|
ACTION-636 |
closed |
change "bookmark file" to "bookmarks" |
Anil Saldhana |
2009-11-27 |
|
ACTION-637 |
closed |
Obscuring SCI |
Anil Saldhana |
2009-11-27 |
|
ACTION-638 |
closed |
craft text on III + conformance claim for O and CN |
Thomas Roessler |
2010-02-19 |
|
ACTION-639 |
closed |
Update implementation reports for LIX, LX |
Mary Ellen Zurko |
2010-04-07 |
|
ACTION-640 |
closed |
Suggest clarification to interaction model to address **1** |
Joe Steele |
2010-04-07 |
|
ACTION-641 |
closed |
Get back to timeless on **2** |
Mary Ellen Zurko |
2010-04-07 |
|
ACTION-642 |
closed |
Annotate impl report on wobbliness of this requirement |
Mary Ellen Zurko |
2010-04-07 |
|
ACTION-643 |
closed |
Find previous WG discussion on this point |
Mary Ellen Zurko |
2010-04-07 |
|
ACTION-644 |
closed |
Fill in issues, create updated editor's draft |
Thomas Roessler |
2010-04-07 |
|
ACTION-645 |
closed |
Adjust the text to remove HTTPS text in the definition |
Thomas Roessler |
2010-04-14 |
|
ACTION-646 |
closed |
"by enforcing the constraints expressed in the associated data" |
Thomas Roessler |
2010-04-21 |
|