W3C home > Mailing lists > Public > public-usable-authentication@w3.org > April 2006

Re: Secure Chrome

From: George Staikos <staikos@kde.org>
Date: Sat, 22 Apr 2006 08:32:43 -0400
Cc: public-usable-authentication@w3.org
To: "Undisclosed.Recipients": ;
Message-Id: <200604220832.43234.staikos@kde.org>

On Friday 21 April 2006 15:58, Hallam-Baker, Phillip wrote:
> A user is a finite state machine, the states being:
> 1) Not suspicious
> 2) Suspicious
> 3) Phished
> 4) Safe
> I agree that it is pretty hard to raise an event that causes the user to
> change state from Not suspicious to suspicious.
> That is not the main point here. What I really want is a way to ensure that
> a user who enters the state suspicious reliably ends up in the state Safe.
> At the moment there is no way for the suspicious user to quickly and
> effectively determine whether they are under attack or not.

   I think that's a good point.  However it's also important to make sure that 
the suspicious state occurs before the user even starts to fill a form.  
Filling a form compromises the data even before the submit button is pressed.

George Staikos
KDE Developer				http://www.kde.org/
Staikos Computing Services Inc.		http://www.staikos.net/
Received on Saturday, 22 April 2006 12:39:54 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:53:15 UTC