- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 13 Sep 2007 22:22:13 +0200
- To: tyler.close@hp.com
- Cc: ifette@google.com, WSC WG <public-wsc-wg@w3.org>
Tyler, any reaction at all?

Thanks,
--
Thomas Roessler, W3C <tlr@w3.org>

On 2007-09-12 18:40:50 +0200, Thomas Roessler wrote:
> From: Thomas Roessler <tlr@w3.org>
> To: ifette@google.com, tyler.close@hp.com
> Cc: WSC WG <public-wsc-wg@w3.org>
> Date: Wed, 12 Sep 2007 18:40:50 +0200
> Subject: Re: ISSUE-101: Create "visiting known site that is now malware"
>   use case as per ACTION-275 [Note: use cases etc.]
> X-Spam-Level:
> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.5
>
> Thanks Ian.
>
> As it looks like I'll be chairing the next call, here's what I plan
> to do about this issue:
>
> - Please post any alternative proposals to the list *this* week.
> - If there are several proposals, I'd appreciate discussion and
>   refinement by e-mail on the list.
> - If there is only one proposal, we'll have a rather short
>   discussion (if any) on the call, and then see what the level of
>   support and objection is.
>
> Regards,
> --
> Thomas Roessler, W3C <tlr@w3.org>
>
> On 2007-09-11 14:31:23 -0700, Ian Fette wrote:
>
> > Well, although consensus was declared, in subsequent meetings
> > we've been going back and forth about this use case. Two main
> > comments were raised - one is that the use case was too specific
> > re: blacklisting (i.e. supposing the existence of a particular
> > technology or method). This is probably a valid concern and as I
> > said I'm happy to re-write the use case to address that concern.
> > A second concern was seemingly deeper, more fundamental, raised
> > by Tyler in the call and in multiple emails (I don't think I can
> > really re-state it in a way that everyone would agree with, so I
> > will simply say that there were other concerns raised by Tyler
> > and leave it there).
> >
> > At the last meeting (or last-1?) there was a straw poll done to see
> > how people felt about including the use case that has become Issue
> > 101. (This is the malware use-case). It was a bunch of "Yes" and
> > "Don't care"'s with one No. I'd really like to come to a point where
> > we can move on.
> >
> > The original use case proposed was this:
> >
> > Betty tries to connect to a web site at <http://www.example.com/>. She
> > visits this site frequently to read various news and articles. Since
> > her last visit, the site example.com has been compromised by some
> > method, and visitors are now being infected with malware. A blacklist
> > used by her user agent has since listed example.com as a known bad
> > site, what warnings should Betty be presented with?
> >
> > Destination Site
> >   - Known, Prior visit
> > Navigation
> >   - any
> > Intended interaction
> >   - Information retrieval
> > Actual interaction
> >   - software installation
> > Note
> >   - This is slightly different than use case 19. It still deals with how
> >     to present results obtained from reputation services, but in the case
> >     of a user returning to a site that they believe to be "good" when that
> >     site is now believed to be compromised.
> >
> > I'm happy to change it to the following if it would make people happier:
> >
> > Betty tries to connect to a web site at <http://www.example.com/>. She
> > visits this site frequently to read various news and articles. Since
> > her last visit, the site example.com has been compromised by some
> > method, and visitors are now being infected with malware. At the time
> > of the current request, Betty's user agent now has information saying
> > that example.com is a known bad site. What warnings should Betty be
> > presented with?
> >
> > Destination Site
> >   - Known, Prior visit
> > Navigation
> >   - any
> > Intended interaction
> >   - Information retrieval
> > Actual interaction
> >   - software installation
> > Note
> >   - This is slightly different than use case 19. It still deals with how
> >     to present results obtained from reputation services, but in the case
> >     of a user returning to a site that they believe to be "good" when that
> >     site is now believed to be compromised.
> >
> > This doesn't specifically mention blacklist, domain reputation
> > services, anything like that - it's just saying that the browser
> > somehow knows it's now a site that if Betty visits, bad things will
> > happen.
> >
> > Do people prefer this new version? Or, more importantly, will this new
> > version change anyone's [tyler] votes? Can we move on?
> >
> > -Ian
> >
> > On 8/24/07, Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com> wrote:
> > >
> > > http://www.w3.org/2006/WSC/track/issues/101
> > >
> > > Over a week. I declare consensus.
> > >
> > > Tyler, please fold in.
> > >
> > > Please also add Ian's name to the acknowledgements.
> > >
> > > Mez
> > >
> > > Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
> > > Lotus/WPLC Security Strategy and Patent Innovation Architect

Received on Thursday, 13 September 2007 20:22:18 UTC