- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 18 May 2007 01:21:04 +0200
- To: WSC WG <public-wsc-wg@w3.org>
The minutes from our meeting on 2 May have been approved, and are
available online:
http://www.w3.org/2007/05/02-wsc-minutes
Regards,
--
Thomas Roessler, W3C <tlr@w3.org>
[1]W3C
WSC WG weekly
2 May 2007
[2]Agenda
See also: [3]IRC log
Attendees
Present
Shawn, MaryEllen_Zurko, jvrkey, Bill_Doyle, staikos, Tyler, rachna,
Maritza_Johnson, Mike_McCormick, Serge, Audian, yngve, luis,
DanSchutzer, Tim_Hahn
Regrets
Johnathan_N, Thomas_R, Phil_HB, Stuart_S, Paul_H, Bruno
Chair
MEZ
Scribe
Shawn Duffy
Contents
* [4]Topics
1. [5]approve minutes from last meeting
2. [6]Newly closed action items
3. [7]favicons from Michael M
4. [8]What is a secure page?
5. [9]Anti-Patterns derived from SSL certificate dialogs
6. [10]KDE Robustness Practices
7. [11]Editors discussion
* [12]Summary of Action Items
_________________________________________________________________
<scribe> Agenda:
[13]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html
approve minutes from last meeting
<staikos> I can't complain
Mez: any complaints?
... minutes approved
Newly closed action items
Mez: did not hear any issues on list
... items closed and approved
favicons from Michael M
[14]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0256.html
Michael: assuming we're familiar with favicons
... icons that appear in title bars, etc
... some concerns about favicons on security context
... users are beginning to view favicons as part of security context
... compounded by the fact that it appears in chrome
... any entity can steal or create their own favicons
... no central authority for favicons
... favicons should be treated as a security anti-pattern
... undermine security context display
... blur the distinction between chrome and content
... some things that could be done to make them more secure
... tied to dns? crypto?
... ensuring no two sites use the same one, etc
<staikos> Michael is describing logotype
Mez: checking for concerns
yngve: example... the major banking clearinghouse in norway
... has a favicon from netscape
staikos: favicons have been a concern at kde
... what to do with invalid certs
... dont want a popup dialog just for favicons
... perfect ssl or ignore favicon
... useers would confuse konqueror icon and favicon
... users not knowing what favicons are
... hard to use favicons as logos because of size/resolution
... the secure version would be a logotype extension
... philip could speak to this
Tyler: michael's description... should recommend that browsers not display
favicon
... without vetting
... is this possible from the browser dev standpoint?
<staikos> I predict user revolt
yngve: needs to check with usability people
... thinks users would miss them
... websites might also want them
<staikos> I agree with yngve
<Audian> require EV cert?
Tyler: if we cant remove favicons, can we add some vetting or conditions?
... is that acceptable to users/websites
<staikos> KDE doesn't display it if it comes via SSL and the cert is
expired/invalid/self signed/etc
staikos: if we require cert, we should jst require logotype extension
tyler: example on restrictions
... ???
missed that one
<staikos> that sounds like a browser extension to me - not something to
build in
<jvkrey> only display it when the site is infact in favourites/bookmarks ?
<Audian> me too
<serge> I agree
serge: back on ev cert issue
<Mez_> tyler: how about only showing favicon if the user has configured some
sort of trust, like a petname?
serge: seems silly to display only when there is a EV cert
... still relying on arbitrary third party
Mez: thoughts on tyler's suggestions?
serge: good idea, but may be out of scope
Mez: petnames and favicons are not out of scoper
... any more on favicons?
... similar concerns as george regarding favicon and url display
... is there anything about favicons and how they interact.. ie, research
rachna: looked at favicons
Mez: are they useful or confusing?
rachna: users love them and rely on them as an important indicator
... maybe more than https
... maybe more than url
... they are misunderstood
yngve: any difference between tab icon and url
mez: any more on favicons?
... Michael can you update favicons in wiki?
... personally would support favicons recommendations
<scribe> ACTION: Michael to update favicons in Wiki [recorded in
[15]http://www.w3.org/2007/05/02-wsc-minutes.html#action01]
<trackbot> Sorry, amibiguous username (more than one match) - Michael
<trackbot> Try using a different identifier, such as family name or username
(eg. mmccormi, msmith9)
<staikos> I find it hard to imagine removing favicons anytime soon
<scribe> ACTION: Mike_McCormick to update favicon in wiki [ - due 2007-05-16
] [recorded in [16]http://www.w3.org/2007/05/02-wsc-minutes.html#action02]
<trackbot> Sorry, couldn't find user - Mike_McCormick
<PHB> I think that the recommendation on favicons should emphasize the
unauthenticated nature of the information presented and the abmigous
security situation
<staikos> my corporate firewall could b e adjusted to block it too
<jvkrey> :)
<scribe> ACTION: McCormick to update favicons in wiki [ - due 2007-05-16 ]
[recorded in [17]http://www.w3.org/2007/05/02-wsc-minutes.html#action03]
<trackbot> Created ACTION-208 - update favicons in wiki [ [on Michael
McCormick - due 2007-05-02].
<Mez_>
[18]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html-
What is a secure page?
<staikos> PHB: logotype seems like the right choice for the future on secure
pages. On insecure pages users want a way to create bookmarks with
meaningful icons, and to find the right tab in their browser
yngve: limit the definition of secure page
<Mez_>
[19]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html
<staikos> hm that should have been PHB,
yngve: can't assess security of client
... padlock is indicator of client's evaluation of security
... opera uses every element including redirects
... opera includes key strength, warnings, ocsp info
... other client may use different criteria
... primary problem: how to handle mixed security elements
... and redirects
... form submit between secure/insecure
... padlocks on insecure pages
... suggestion - how to recommend the behavior of services
... e.g. no padlock, discourage unsafe practices
Mez: struggling with issues raised
... may begin to include ajax/json
... what to do with mixed content
... we havent dealt with it in proposals yet
... anyone have ideas regarding mixed content?
yngve: secure main page with insecure images
... having it secure will cost too much
Bill: mixed security for user content or ads?
... user data in mixed content ties in with previous thread
... what do you mean by mixed?
Mez: reminded on action
... "everything"
... can we partition it?
Bill: some doesn't matter... some users might care about
yngve: arbitrarily deciding whats important... client has to tell
... either everything or mixed should be insecure
Bill: Can we differentiate between user content and other
yngve: has seen secure sourcing external insecure js
Bill: a payment page would likely be "important"
... tough question
Mez: would like it to be part of the recommendations
... any more comments on secure page?
<scribe> ACTION: yngve to update wiki with recommendation on mixed content [
- due 2007-05-16 ] [recorded in
[20]http://www.w3.org/2007/05/02-wsc-minutes.html#action04]
<trackbot> Created ACTION-209 - update wiki with recommendation on mixed
content [ [on Yngve Pettersen - due 2007-05-02].
Anti-Patterns derived from SSL certificate dialogs
<Mez_>
[21]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0289.html
McCormick: we spoke about an example of a site with a self-signed sert
... confusing warnings and dialog
... promoting specific anti-patterns
... the 4 anti-patterns:
... use of technical jargon users may not know
... giving the site url as the only contact info
... suggesting actions that cannot be performed
... not explaining consequence of options
... Mez had some good comments... linked email to recommendation
... can we use that to launch discussion
Mez: first pattern... in this context and johnathan's proposal...
... technical info is usually related to crypto pki
<staikos> PKI is not only hard in the browser
<staikos> it's hard everywhere
<staikos> that's why we have unencrypted email everywhere
Mez: dont know if anyone is aware of research that can make crypto and pki
understandable
... mapping them to errors
... any references?
<Tyler> petname tool
staikos: example..
<Mez_> what about petname takes on crypto/pki and makes it easier tyler?
staikos: sent email to tech support... attached digital sig
... got encrypted response
... some software will do this automatically
... automation and transparency is key to implementation
Mez: familiar with some of this software
... dont know how they deal with errors
Tyler: details of crypto not important... the guarantee is important
... a proper TLS session ensures some.. how to match that to user
expectiations
... petname tool only lights up when connection is secure to trusted party
Mez: How do we deal with errors, though?
... are errors discounted?
<Audian> Is the question about how 'we' deal with errors or how 'users' deal
with errors?
Tyler: let's not try to define those errors to user
... just tell them they cant trust... not why they cant
yngve: problem with errors...
... client expects user to continue but cant guarantee security
... if there is an error, dont display anything
Tyler: two scenarios
... either an attack is in process
... site is misconfigured
yngve: misconfiguration is most likely
... self-signed certs are an example
... attack scenario less likely
... what should the client do?
... does it not display error asking user to continue?
tyler: self-signed cert not a misconfiguration
yngve: its a misconfig from a client POV
<staikos> sometimes a self-signed cert IS a misconfiguration
<staikos> like "oops, forgot to install the cert I bought"
tyler: do self-signed certs represent the majority of "misconfigurations"?
yngve: webmail often has these problems
<staikos> I agree with Ingve.
yngve: cert often has wrong name
<staikos> I have been trying to encourage some of these webmail solution to
repair their problems
tyler: domain name mismatches are a large portion
Mez: this is in our charter and goals... to talk about configuration
... we need to identify context problems that arise from server
copnfiguration
yngve: high-trust sites should not provoke security errors.. .such as banks
Mez: any more comments on pki/crypto and errors in context info?
<scribe> ACTION: McCormick to encapsulate error and anti-pattern info to
wiki [ - due 2007-05-16 ] [recorded in
[22]http://www.w3.org/2007/05/02-wsc-minutes.html#action05]
<trackbot> Created ACTION-210 - encapsulate error and anti-pattern info to
wiki [ [on Michael McCormick - due 2007-05-02].
KDE Robustness Practices
<Mez_> [23]http://www.w3.org/2006/WSC/wiki/NoteKDECurrentPractice
staikos: kde tries to be robust but gets stuck on compatibility issues
... any area people would like to hear about?
... haven't worked on all areas... been developed over a long time
Mez: some of our robustness recommendations
... do not allow content to make display area small
... move it off-screen, etc
... all could be parts of recommendation
staikos: agreed... but may be obsolete
... most browsers may already do this
Mez: agreed.. but may be worth including anyway
staikos: good to document... not entirely obvious
... html spec does not forbid the things that we want to forbid
... we have one thread that runs js code
... errors would cause infinite loops
... now guards against long-running processes
Mez: is this a part of security indicators?
staikos: this was more of a stability to issue
... to prevent unnecessary denial of service
Mez: smart pop-up blocker...
staikos: may not be a security issue
... must be careful not to become incompatible with other browsers
Mez: asked about stricter policies
staikos: those were related to networking...
... frames and ssl
... various browsers had different ways of relaying information to users
... initially, had very strict policies... had to relax them for
incompatibility issues
Mez: any comments on kde robustness practices?
... no comments
<scribe> ACTION: staikos to add robustness info to wiki that may turn into
recommendation [ - due 2007-05-30 ] [recorded in
[24]http://www.w3.org/2007/05/02-wsc-minutes.html#action06]
<trackbot> Created ACTION-211 - add robustness info to wiki that may turn
into recommendation [ [on George Staikos - due 2007-05-02].
we may need to adjust due dates... they appear to not be recorded properly
Mez: is this something to be referred to another WG?
staikos: possibly
Editors discussion
I'd like to defer to tyler since he's been working on most of it recently
and I will chat with him offline
Tyler: thoughts laid out in email
<Mez_> can someone put in the url of tyler's email? I'll go looking...
Tyler: still more detail needed from people who brought up the lightning
topics
... need a champion for each recommendation
<Mez_>
[25]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0349.html
Tyler: and to help design the test
... will people who bring up topics be the champion for those topics?
... create a template for what the proposal should look like
... section on what usecases it addresses
... need more input on the template from everyone else
Mez: would like to hear from people who contribute to lightning discussions
... willing to do so for my lightning topics
DanSchutzer: willing to do so as well
Mez: mike, yngve... does this work?
McCormick: will a template be provided?
Mez: you can do it in two stages
... tyler can speak to when a template will be available
tyler: written up a usual...
... we develop a template together
... I could do it or we solicit feedback first
DanSchutzer: I'd be willing to do it..
... can we have a straw-man template
<scribe> ACTION: Tyler to create straw-man template for recommendations [ -
due 2007-05-11 ] [recorded in
[26]http://www.w3.org/2007/05/02-wsc-minutes.html#action07]
<trackbot> Created ACTION-212 - create straw-man template for
recommendations [ [on Tyler Close - due 2007-05-02].
Mez: earlier would be better if possible
Tyler: can I get feedback on other proposals outlined in email?
Mez: do we have an easy list to refer to?
Tyler: they're all listed in the note
Mez: 10.1 and 10.2
<Mez_> [27]http://www.w3.org/2006/WSC/drafts/note/#usability-principles
Tyler: yes... list of usability principles... should be based on this
Mez: I like the idea... anyone else?
Tyler: section that lists security information
... having a section of each recommendation referring to this would be
helpful
Mez: need a regular way for referring to these
Tyler: anyone else have suggestions on sections for the recommendation?
Mez: looking at the note... wondering if robustness proposals will have a
different set
Tyler: most of those would reference usability principles
Mez: a good first pass for template
... can imagine other references...
... presentation
... not sure they should be part of the template
Tyler: each section should list goals of the group it meets
... 4 hypothetical section for the template
... what do you need to read for recommendation?
*crickets chirping*
<tjh> thanks
Mez: you covered much of it...
... what kind of testing we do on each of these
... how do we get from a cluster of proposals to implementation and testing
... anyone have ideas on how they will be involved?
... think about how you might be involved and how we make that transition
... will bring it up in email
Tyler: at the last f2f, staikos talked about a scriptable browser
implementaiton
... for testing
<rachna> We should start with lo-fidelity testing to determine the set of
proposals that can be implemented in hi fidelity prototypes and tested
formally.
<staikos> (following along... sorry but it's just not ready enough yet - I
got side tracked with work and couldn't finish the last 5%)
tyler: what do you need in a proposal?
... for lo fidelity testing
rachna: can be done at any stage of the prototype...
<Mez_> staikos, what will you need from a proposal to figure out if it can
be implemented in the prototyping framework you're proposing use of?
rachna: need to specify the feature
... person who proposes it may need to propose how to test it
<staikos> just a detailed list of features. basically there is -nothing-
there
rachna: specify how or what to test each proposal
... need to be specific to make the prototype easier
... prototyping is a way to do design
... getting feedback on implementation
maritza: may need to have alternatives for testing
racha: may need to different variations on each proposal
Tyler: does your testing line up with our lightning discussions
rachna: some does.. tyring to differentiate whats in-scope and whats not
Tyler: are logotypes in scope
Mez: hasn't made a statement regarding them
... will try to identify when something is out of scope
Tyler: there is already a published rfc on logotypes
... sounds like they are fully-specified
... what sort of role do you (rachna) envision playing in the proposals?
... or focus more on testing?
rachna: can make proposals and can do testing
Tyler: any lightning proposals that you would like to write up for dublin?
rachna: yes
<serge> I need to get to another meeting.
<Mez_> so shawn, it's to put a lightening proposal in the wiki based on her
current work
<Mez_> as the action
<Mez_> by may 11
<scribe> ACTION: rachna to write a lightning proposal in the wiki based on
her work [ - due 2007-05-11 ] [recorded in
[28]http://www.w3.org/2007/05/02-wsc-minutes.html#action08]
<trackbot> Sorry, amibiguous username (more than one match) - rachna
<trackbot> Try using a different identifier, such as family name or username
(eg. rdhamija2, rdhamija)
<scribe> ACTION: rdhamija2 to write a lightning proposal in the wiki based
on her work [ - due 2007-05-11 ] [recorded in
[29]http://www.w3.org/2007/05/02-wsc-minutes.html#action09]
<trackbot> Created ACTION-213 - write a lightning proposal in the wiki based
on her work [ [on Rachna Dhamija - due 2007-05-02].
Mez: next week we're off
... will send a reminder
... thomas will be chairing next meeting on 16th
Summary of Action Items
[NEW] ACTION: McCormick to encapsulate error and anti-pattern info to wiki [
- due 2007-05-16 ] [recorded in
[30]http://www.w3.org/2007/05/02-wsc-minutes.html#action05]
[NEW] ACTION: McCormick to update favicons in wiki [ - due 2007-05-16 ]
[recorded in [31]http://www.w3.org/2007/05/02-wsc-minutes.html#action03]
[NEW] ACTION: Michael to update favicons in Wiki [recorded in
[32]http://www.w3.org/2007/05/02-wsc-minutes.html#action01]
[NEW] ACTION: Mike_McCormick to update favicon in wiki [ - due 2007-05-16 ]
[recorded in [33]http://www.w3.org/2007/05/02-wsc-minutes.html#action02]
[NEW] ACTION: rachna to write a lightning proposal in the wiki based on her
work [ - due 2007-05-11 ] [recorded in
[34]http://www.w3.org/2007/05/02-wsc-minutes.html#action08]
[NEW] ACTION: rdhamija2 to write a lightning proposal in the wiki based on
her work [ - due 2007-05-11 ] [recorded in
[35]http://www.w3.org/2007/05/02-wsc-minutes.html#action09]
[NEW] ACTION: staikos to add robustness info to wiki that may turn into
recommendation [ - due 2007-05-30 ] [recorded in
[36]http://www.w3.org/2007/05/02-wsc-minutes.html#action06]
[NEW] ACTION: Tyler to create straw-man template for recommendations [ - due
2007-05-11 ] [recorded in
[37]http://www.w3.org/2007/05/02-wsc-minutes.html#action07]
[NEW] ACTION: yngve to update wiki with recommendation on mixed content [ -
due 2007-05-16 ] [recorded in
[38]http://www.w3.org/2007/05/02-wsc-minutes.html#action04]
[End of minutes]
_________________________________________________________________
Minutes formatted by David Booth's [39]scribe.perl version 1.128 ([40]CVS
log)
$Date: 2007/05/16 21:13:02 $
References
1. http://www.w3.org/
2. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html
3. http://www.w3.org/2007/05/02-wsc-irc
4. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#agenda
5. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item01
6. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item02
7. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item03
8. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item04
9. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item05
10. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item06
11. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item07
12. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#ActionSummary
13. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html
14. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0256.html
15. http://www.w3.org/2007/05/02-wsc-minutes.html#action01
16. http://www.w3.org/2007/05/02-wsc-minutes.html#action02
17. http://www.w3.org/2007/05/02-wsc-minutes.html#action03
18. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html-
19. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html
20. http://www.w3.org/2007/05/02-wsc-minutes.html#action04
21. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0289.html
22. http://www.w3.org/2007/05/02-wsc-minutes.html#action05
23. http://www.w3.org/2006/WSC/wiki/NoteKDECurrentPractice
24. http://www.w3.org/2007/05/02-wsc-minutes.html#action06
25. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0349.html
26. http://www.w3.org/2007/05/02-wsc-minutes.html#action07
27. http://www.w3.org/2006/WSC/drafts/note/#usability-principles
28. http://www.w3.org/2007/05/02-wsc-minutes.html#action08
29. http://www.w3.org/2007/05/02-wsc-minutes.html#action09
30. http://www.w3.org/2007/05/02-wsc-minutes.html#action05
31. http://www.w3.org/2007/05/02-wsc-minutes.html#action03
32. http://www.w3.org/2007/05/02-wsc-minutes.html#action01
33. http://www.w3.org/2007/05/02-wsc-minutes.html#action02
34. http://www.w3.org/2007/05/02-wsc-minutes.html#action08
35. http://www.w3.org/2007/05/02-wsc-minutes.html#action09
36. http://www.w3.org/2007/05/02-wsc-minutes.html#action06
37. http://www.w3.org/2007/05/02-wsc-minutes.html#action07
38. http://www.w3.org/2007/05/02-wsc-minutes.html#action04
39. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
40. http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 17 May 2007 23:21:18 UTC