RE: ISSUE-132: Update Section 10.1 of wsc-xit with information from updated browser lock down wiki page from Dan Schutzer on 2007-11-26 (public-wsc-wg@w3.org from November 2007)

From: Dan Schutzer <dan.schutzer@fstc.org>
Date: Mon, 26 Nov 2007 12:16:20 -0500
To: "'Mary Ellen Zurko'" <Mary_Ellen_Zurko@notesdev.ibm.com>, "'Web Security Context Working Group WG'" <public-wsc-wg@w3.org>
Message-ID: <022a01c83050$141e8300$6500a8c0@dschutzer>

I would agree that a user should always be able to view and modify
security-related configuration settings, but that if a user agent does their
job correctly, it should not be necessary, especially for the user who would
have trouble understanding the kind of detailed security configuration
settings that one sees today in the Security tab

 

  _____  

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
Behalf Of Mary Ellen Zurko
Sent: Monday, November 26, 2007 11:36 AM
To: Web Security Context Working Group WG
Subject: Re: ISSUE-132: Update Section 10.1 of wsc-xit with information from
updated browser lock down wiki page

 


"A user agent MUST support a mode of operation whereby the user is unable to
view or modify the security-related configuration settings. "

It seems wrong to me that there is a mode where the user is unable to view
the security related configuration settings. In every context I've ever been
in, having some ability to get to more information if helpful. 

I would remove the "view or" part of this, unless I'm missing something.

Received on Monday, 26 November 2007 17:16:53 UTC