W3C home > Mailing lists > Public > public-usable-authentication@w3.org > January 2009

Re: [WSC-UI LC] approve with comments ( LC-2129)

From: <mzurko@us.ibm.com>
Date: Fri, 09 Jan 2009 20:03:03 +0000
To: Al Gilman <Alfred.S.Gilman@ieee.org>
Cc: public-usable-authentication@w3.org,wai-liaison@w3.org, Janina Sajka <janina@rednote.net>, Kenny Johar <kennyjohar@gmail.com>, hartmans-ietf@mit.edu
Message-Id: <E1LLNZP-0000G6-PQ@farnsworth.w3.org>

 Dear Al Gilman ,

The Web Security Context Working Group has reviewed the comments you sent
[1] on the Last Call Working Draft [2] of the Web Security Context: User
Interface Guidelines published on 24 Jul 2008. Thank you for having taken
the time to review the document and to send us comments!

The Working Group's response to your comment is included below.

Please review it carefully and let us know by email at
public-usable-authentication@w3.org if you agree with it or not before 26
January 2009. In case of disagreement, you are requested to provide a
specific solution for or a path to a consensus with the Working Group. If
such a consensus cannot be achieved, you will be given the opportunity to
raise a formal objection which will then be reviewed by the Director
during the transition of this document to the next stage in the W3C
Recommendation Track.


For the Web Security Context Working Group,
Thomas Roessler
W3C Staff Contact

 1. http://www.w3.org/mid/397CD30D-B9CC-41BE-8745-C51F23213A96@ieee.org
 2. http://www.w3.org/TR/2008/WD-wsc-ui-20080724/


Your comment on :
> This document appears to have successfully
> incorporated the feedback we gave you on the
> Requirements Note.  Thank you very much.
> Al
> /chair, PFWG
> PS:
> You asked us to help you respond to a comment
> you received from Sam Hartmans, with
> accessibility reasoning.
> http://lists.w3.org/Archives/Public/public-usable-authentication/ 
> 2008Aug/0003.html
> Kenny Johar looked at this and wants clarification from Sam
> before responding.
> Janina Sajka made the following good point:
> The sonicon for change in "security sensitivity" needs
> to be timely.  But what defines timely is not the visual
> display but the change in the severity or sensitivity of
> potential system responses to potentially-erroneous user
> input.  So what you should do is define (in abstract terms)
> the event as the change in input exposure to risk or
> hazard.  Then tie prompt announcement of this in visual
> and auditory media directly to that state change, not
> daisy-chain the timing of one off the other. Both the
>   auditory and visual displays need to be
> prompt in announcing elevated-risk states.  Not that they
> need to be strictly aligned in start time.  Where possible
> the start-time alignment should be achieved as well.
> Let's continue that discussion on public-usable-authentication@w3.org
> and not have PFWG _consensus_ in the loop to
> slow resolution.

Working Group Resolution (LC-2129):
Thank you. We have removed a number of items in wsc-ui due to lack of
implementation and testing, and this is one of the items that has been

Received on Friday, 9 January 2009 20:03:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 19:53:16 UTC