Re: UI issues for security consideration from Mary Ellen Zurko on 2009-12-01 (public-web-security@w3.org from December 2009)

From: Mary Ellen Zurko <mzurko@us.ibm.com>
Date: Tue, 1 Dec 2009 16:21:05 -0500
To: "David Singer <singer" <singer@apple.com>
Cc: public-web-security@w3.org
Message-ID: <OFD5DA66C2.7B3A2BB5-ON8525767F.0075275E-8525767F.00752FCE@LocalDomain>

The spoofing section makes me think this might be useful:

http://www.w3.org/TR/wsc-usecases/#problems

          Mez





From:
David Singer <singer@apple.com>
To:
public-web-security@w3.org
Date:
12/01/2009 02:45 PM
Subject:
UI issues for security consideration
Sent by:
public-web-security-request@w3.org



Hi

Thomas asked me to start the page on security issues at the UI (or with 
the interaction between UI and user).  I have typed something very brief 
into the Wiki at <http://www.w3.org/Security/wiki/Trusted_User_Interface>, 
with introductory sentences on spoofing and clickjacking.  I am sure there 
are other UI level security issues that should be there, and it might be 
good to have examples (it might be bad also - we don't want to supply a 
cookbook to would-be malefactors) or pointers to 'well-known' examples of 
previous, um, 'art'.

Have at it...

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Tuesday, 1 December 2009 21:20:41 UTC