- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 8 Dec 2006 06:15:08 +0100
- To: "Hallam-Baker, Phillip" <pbaker@verisign.com>
- Cc: public-wsc-wg@w3.org
(For tracker's benefit, that's ACTION-33.) On 2006-12-07 11:57:00 -0800, Phillip Hallam-Baker wrote: > From: "Hallam-Baker, Phillip" <pbaker@verisign.com> > To: public-wsc-wg@w3.org > Date: Thu, 7 Dec 2006 11:57:00 -0800 > Subject: ACTION 33: Goals / Non Goals > List-Id: <public-wsc-wg.w3.org> > X-Spam-Level: > X-Archived-At: > http://www.w3.org/mid/198A730C2044DE4A96749D13E167AD37E7ED78@MOU1WNEXMB04.vcorp.ad.vrsn.com > > I spent some time trying to decant these from the minutes of the meeting, they appear to me to state what we want to do at the high level. How far do we want to drill down and give specifics? > > > Goals > > > * Catalog the existing context information provided to the users of the Web. > * Consider the interpretations that users reasonably infer from existing information. > * Set out a series of use cases and abuse cases specifying commonplace security sensitive Web transactions and likely forms of criminal attack respectively. > * Analyze context information the user requires to safely complete the proposed use cases and prevent abuse cases. > * Perform a gap analysis to identity areas where the context information provided to the user is either insufficient or misleading > * Propose changes to the presentation of existing context information and additional context information that might be provided to close the identified security gaps. > > > Non Goals > > > The group will not attempt to solve the following problems: > > * Provision of trustworthy computing platforms. > * Design of cryptographic algorithms or protocols. > -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 8 December 2006 05:14:57 UTC