W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009

Re: Re: Request for Reviewers: Section 7.4 of Web Security Context: User Interface Guidelines; deadline Sep 24 ( LC-2255)

From: Mary Ellen Zurko <mzurko@us.ibm.com>
Date: Mon, 9 Nov 2009 15:41:22 -0500
To: "Adam Barth <w3c" <w3c@adambarth.com>
Cc: public-usable-authentication@w3.org,public-webapps <public-webapps@w3.org>,Thomas Roessler <tlr@w3.org>
Message-ID: <OF8A45D84F.81D3F891-ON85257669.006D9D1A-85257669.00718CF5@LocalDomain>
Hi Adam,

> It's too bad you didn't CC me on the discussion because I think you
> misunderstood several of my points.

Thanks. We've actually discussed your emails in meetings. I'm glad you've 
cleared up our misunderstanding. 

> Then what are you taking about?  I've attached two screen shots of
> this requirement being violated.  First, a <select> control is allowed
> to extend into the browser's address bar. 

Thanks. The Chrome rep had not thought about that example. We're 
discussing rewording to scope the item to obscuring SCI without user 
interactions, or taking it to a SHOULD. 

> Second, web content from
> Google is obscuring the EV indicator from Bank of America.

That would a user agent itself obscuring another user agent, not the web 
content itself. 

> > Innovative full screen solutions are covered in the interaction 
between
> > section 6.1.1 and section 7.1. Section 7.1 says the user agent cannot 
open
> > windows without security chrome, however section 6.1.1 specifically 
allows
> > for this when going into "presentation mode". The Flash behavior 
described
> > falls into this category.
> 
> Then the requirements are contradictory.  I recommend revising this
> requirement not to contradict the other parts of the spec.

We looked at it again; those requirements aren't contradictory. Sectin 7.1 
says should not without user interaction. That's presentation mode. 

> >> > Web user agents MUST NOT expose programming interfaces which permit
> >> installation of software without a user intervention.
> >>
> >> What does it mean to install software?
> >
> > Installing software means downloading it for later execution.
> 
> You've missed the point.  As desktop applications and web applications
> converge, these concepts become meaningless.  What does it mean to
> "download" or "execute" something?  Is AppCache covered by this
> requirement?  Surely that's "downloading" the cached bits of the web
> application for later "execution" (i.e., use of the web application).
> 
> What if a user agent keeps a list of the 10 most recently used web
> applications and stores them in the start menu as if they were native
> applications?  This would seem to violate this requirement yet seems
> perfectly sensible.

We discussed your examples. The point is that installing software that 
executes outside of a user agent leaves the security model of the user 
agent, and that is what 7.4.2 refers to. So we will clarify that. Thanks. 

> What is a bookmark file?  For example, are the sites featured on the

There was agreement that "bookmarks" is the right phrase, not "bookmark 
file". Thanks. 

> >> > Web user agents which offer this restriction SHOULD offer a way to
> >> extend permission to individual trusted sites. Failing to do so
> >> encourages users who desire the functionality on certain sites to
> >> disable the feature universally.

> the ability to draw the letter "e".  The justification for this
> requirement does not make sense because it pre-supposes that the
> browser gives the users certain alternatives.  Can my browser ignore

It speaks to certain alternatives but does not pre suppose them. It gives 
a motivation in a particular context, but doesn't preclude other contexts. 
Offering users a way to extend permission to trusted sites decreases the 
number of security messages users get when there is in fact no security 
issue. Which increases the overall potential for impact of the messages 
the rest of the time. 
Received on Monday, 9 November 2009 20:40:56 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:35 GMT