W3C home > Mailing lists > Public > public-usable-authentication@w3.org > June 2006

Re: Secure Chrome and Secure MetaData

From: James A. Donald <jamesd@echeque.com>
Date: Wed, 21 Jun 2006 19:32:29 +1000
Message-ID: <4499122D.9030208@echeque.com>
To: "James A. Donald" <jamesd@echeque.com>, public-usable-authentication@w3.org

     --
Thomas Roessler wrote:
 > With respect to usability, this approach to scoping
 > quite consciously pushes one of the really hard
 > problems to the sidelines for the moment: How do you
 > get users out of routine? How do you wake them up, so
 > they become vigilant in the first place?

A solution that requires users to be vigilant is
unlikely to succeed. Security *should* be routine.  If
it requires conscious thought, it is a bug.

 > But please don't repeat over and over (together with
 > Chris Drake) that "the problem can't be broken into
 > pieces." This is not helpful at all.

Of course the problem can be broken into pieces - but
not pieces that suit application and organizational
boundaries.

     --digsig
          James A. Donald
      6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
      KR7GR+AE0d5uqnofH6Cx4xQvR0yE8EtGMjoH7pOG
      4zNjtYPLN+Yo6Q4t6wRSlaGZIGoI/lTg9LqG0nP3t
Received on Wednesday, 21 June 2006 09:32:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:34:14 GMT