- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Fri, 9 Nov 2007 16:38:13 -0500
- To: public-usable-authentication@w3.org
- Message-ID: <OF05BBAE7D.BCEA9F1E-ON8525738E.0076B54C-8525738E.0076DB01@LocalDomain>
The Web Security Context WG announces the publication transitions of the
following three documents.
==========================================================
Web Security Context: Experience, Indicators, and Trust
W3C Working Draft 1 November 2007
This version:
http://www.w3.org/TR/2007/WD-wsc-xit-20071101/
Latest version:
http://www.w3.org/TR/wsc-xit/
First Public Working Draft transition announcement.
[This is a Recommendation-track specification.]
Transition request:
http://lists.w3.org/Archives/Member/chairs/2007OctDec/0053.html
Abstract
This specification defines guidelines and requirements for the
presentation and communication of Web security context information to
end-users; ceremonies for secure data entry; and good practices for Web
Site authors.
Status of this Document
This section describes the status of this document at the time of its
publication. Other documents may supersede this document. A list of
current W3C publications and the latest revision of this technical report
can be found in the W3C technical reports index at http://www.w3.org/TR/.
This is a First Public Working Draft of "Web Security Context: Experience,
Indicators, and Trust".
The Web Security Context Working Group is publishing this document to
provide a basis for initial review of and commentary on its work. The
Working Group has taken an inclusive approach toward publishing various
technical proposals in this First Public Working Draft. Inclusion of
technical material in this document does not indicate group consensus
about that material; some requirements stipulated in this document are
known to be mutually exclusive. No claims as to the efficacy of
usability-related material are made.
To facilitate access to relevant background, various sections of this
document are annotated with references to input documents that are
available from the the Working Group's Wiki, and to pertinent issues that
the group is tracking. The documents in the wiki include background,
motivation, and usability concerns on the proposals that reference them.
They provide important context for understanding the potential utility of
the proposals.
The Working Group expects to advance this Working Draft to Recommendation
Status.
Please send comments about this document to
public-usable-authentication@w3.org (with public archive).
Publication as a Working Draft does not imply endorsement by the W3C
Membership. This is a draft document and may be updated, replaced or
obsoleted by other documents at any time. It is inappropriate to cite this
document as other than work in progress.
This document was produced by a group operating under the 5 February 2004
W3C Patent Policy. W3C maintains a public list of any patent disclosures
made in connection with the deliverables of the group; that page also
includes instructions for disclosing a patent. An individual who has
actual knowledge of a patent which the individual believes contains
Essential Claim(s) must disclose the information in accordance with
section 6 of the W3C Patent Policy.
==========================================================
Web Security Experience, Indicators and Trust: Scope and Use Cases
W3C Working Draft 1 November 2007
This version:
http://www.w3.org/TR/2007/WD-wsc-usecases-20071101/
Latest version:
http://www.w3.org/TR/wsc-usecases/
[This will become a WG Note.]
The WSC WG has resolved to move the wsc-usecases note to Last Call:
http://lists.w3.org/Archives/Public/public-wsc-wg/2007Oct/0176.html
The WSC WG charter is at:
http://www.w3.org/2005/Security/wsc-charter
Abstract
This Note refines the objectives for the Web Security Context Working
Group deliverables. It elaborates upon the group's Charter [WSC-CHARTER]
to explain what the group aims to achieve, what technologies may be used
and how technical proposals will be evaluated. This elaboration is limited
to the group's technical work and does not cover additional activities the
group intends to engage in, such as ongoing outreach and education.
This Note also includes an initial collection of use cases that the group
expects will drive its technical work.
Since this Note discusses the assumptions, goals, and processes the group
will use to develop its recommendations, the intended audience is similiar
to that of the charter of the Working Group; group members, the W3C
community, developers of web user agents, web content providers (server
administrators), and parties interested and engaged in what the Web
Security Context Working Group's plans and directions are. It is
explicitly not targeted at the presumed beneficiaries of the group's work,
the users of the web, and it is not expected that an average user would be
able to read this document and understand it.
Status of this Document
This section describes the status of this document at the time of its
publication. Other documents may supersede this document. A list of
current W3C publications and the latest revision of this technical report
can be found in the W3C technical reports index at http://www.w3.org/TR/.
This is a Last Call Working Draft of "Web Security Experience, Indicators
and Trust: Scope and Use Cases". The W3C Membership and other interested
parties are invited to review the document and send comments to
public-usable-authentication@w3.org (with public archive) through 30
November 2007.
After addressing any issues raised as part of last call feed-back to this
document, the Working Group will publish its final version as a W3C
Working Group Note.
This document was produced by the Web Security Context Working Group, as
part of the Security Activity.
Publication as a Working Draft does not imply endorsement by the W3C
Membership. This is a draft document and may be updated, replaced or
obsoleted by other documents at any time. It is inappropriate to cite this
document as other than work in progress.
This document was produced by a group operating under the 5 February 2004
W3C Patent Policy. The group does not expect this document to become a W3C
Recommendation. W3C maintains a public list of any patent disclosures made
in connection with the deliverables of the group; that page also includes
instructions for disclosing a patent. An individual who has actual
knowledge of a patent which the individual believes contains Essential
Claim(s) must disclose the information in accordance with section 6 of the
W3C Patent Policy.
==========================================================
In addition, we are publishing wsc-threats as a Note:
Web User Interaction: Threat Trees
W3C Working Group Note 1 November 2007
This version:
http://www.w3.org/TR/2007/NOTE-wsc-threats-20071101/
Latest version:
http://www.w3.org/TR/wsc-threats/
Abstract
This Note includes threat trees used to analyze the threats that the
[WSC-XIT] responds to. It is a companion document to [WSC-USECASES].
Status of this Document
This section describes the status of this document at the time of its
publication. Other documents may supersede this document. A list of
current W3C publications and the latest revision of this technical report
can be found in the W3C technical reports index at http://www.w3.org/TR/.
This document is published as a companion document to [WSC-USECASES], to
make some of the group's analysis available to a larger public.
This document was developed by the Web Security Context Working Group.
The content of this document is mostly analytic. This document is
published as a snapshot, and may be updated and changed as needed when the
Working Group's analysis develops further.
Please send comments about this document to
public-usable-authentication@w3.org (with public archive).
Publication as a Working Group Note does not imply endorsement by the W3C
Membership. This is a draft document and may be updated, replaced or
obsoleted by other documents at any time. It is inappropriate to cite this
document as other than work in progress.
This document was produced by a group operating under the 5 February 2004
W3C Patent Policy. W3C maintains a public list of any patent disclosures
made in connection with the deliverables of the group; that page also
includes instructions for disclosing a patent. An individual who has
actual knowledge of a patent which the individual believes contains
Essential Claim(s) must disclose the information in accordance with
section 6 of the W3C Patent Policy.
==========================================================
Mary Ellen Zurko for the Web Security Context Working Group
Received on Friday, 9 November 2007 21:38:41 UTC