Re: ACTION-107 : Create a library of testcases / examples of attacks listed in section 8 from Mary Ellen Zurko on 2007-03-06 (public-wsc-wg@w3.org from March 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Tue, 6 Mar 2007 08:13:40 -0500
To: "Mike Beltzner <beltzner" <beltzner@mozilla.com>
Cc: Daniel Veditz <dveditz@mozilla.com>,Jesse Ruderman <jruderman@gmail.com>,public-wsc-wg@w3.org
Message-ID: <OFEB9B9E61.2EFC902E-ON85257296.00489201-85257296.0048A9F8@LocalDomain>

Thanks. 

What is "invisible password area" as an attack testcase?

What does "negative positioned window" do? If it puts the window off the 
display area entirely, how is that an attack? 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect


public-wsc-wg-request@w3.org wrote on 03/06/2007 01:28:41 AM:

> 
> ACTION-107
> 
> In order to evaluate various browsers, a library of spoofing 
> testcases has been assembled. New browser technologies can use these 
> testcases to determine if they're susceptible to spoofing. I'm 
> looking mostly at Tyler and Stuart here, since I'm not the right one 
> to create/link to the various testcases. Here's the location on the 
> wiki:
> 
>      http://www.w3.org/2006/WSC/wiki/NoteTestCases
> 
> cc: Jesse Ruderman, Daniel Veditz, as they're long-time spoofing 
> testcase generators for Mozilla and might be able to help here.
> 
> This closes ACTION-107.
> 
> cheers,
> mike
>

Received on Tuesday, 6 March 2007 13:13:55 UTC