W3C home > Mailing lists > Public > public-wsc-wg@w3.org > April 2007

RE: ISSUE-36: presentation norms -- no oneSizeFitsAll (from public comments)

From: Robert Yonaitis <ryonaitis@hisoftware.com>
Date: Tue, 17 Apr 2007 19:30:40 -0400
Message-ID: <AAD1044DDFFCC84895A899314A72FB6CFFF3F4@be04.exg3.exghost.com>
To: "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>, "Web Security Context WG" <public-wsc-wg@w3.org>
   Hello:

 

I am actually looking at all of this now and I think I am coming to the
same conclusions on many and I am working at trying to understand the
scope of the document/group better this evening. I am leaving for
eastern Europe on Thursday so I should have all comments back by then. 

 

Thank You,

 

Rob Yonaitis

Yonaitis.com

 

________________________________

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org]
On Behalf Of Mary Ellen Zurko
Sent: Tuesday, April 17, 2007 2:00 PM
To: Web Security Context WG
Subject: Re: ISSUE-36: presentation norms -- no oneSizeFitsAll (from
public comments)

 


I think from the number of times we and others have fallen into
confusion, we need another item for out of scope, that covers security
context information about the user to the site/server/service. I
propose:

5.n Other Security Challenges

As stated in the charter, the mission of the Web Security Context
Working Group is to specify a baseline set of security context
information that should be accessible to Web users, and practices for
the secure and usable presentation of this information, to enable users
to come to a better understanding of the context that they are operating
in when making trust decisions on the Web. While the work this group
does may have a positive and beneficial effect on other security
challenges on the web, directly addressing such challenges (including
user authentication to web sites, single sign-on, and security models
for active content on the web) are out of scope. 

I propose making it the first item in the Out of Scope section. 

I would also like to be sure that this group is appropriately informed
about any deployed or standards based efforts that condition
presentation to users (since it might impact how security context should
be conditioned). I can't tell from the IMG Global Learning Consortium
link that Al gave if it has any particular traction: 
http://www.imsglobal.org/accessibility/


Is anyone on this WG familiar with that work, or that area in general?
Robert Y, are you? 


          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




Web Security Context Issue Tracker <dean+cgi@w3.org> 
Sent by: public-wsc-wg-request@w3.org

04/15/2007 10:45 AM

Please respond to
Web Security Context WG <public-wsc-wg@w3.org>

To

public-wsc-wg@w3.org

cc

 

Subject

ISSUE-36: presentation norms -- no oneSizeFitsAll (from public comments)

 

 

 






ISSUE-36: presentation norms -- no oneSizeFitsAll (from public comments)

http://www.w3.org/2006/WSC/Group/track/issues/36


Raised by: Bill Doyle
On product: All

>From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org

http://lists.w3.org/Archives/Public/public-usable-

authentication/2007Apr/0000.html

presentation norms -- no oneSizeFitsAll 
where it says, in 2.3 Consistent presentation of security information
  The Working Group will recommend a set of terms, indicators and
  metaphors for consistent presentation of security information to
  users, across all web user agents. For each of these items, the
  Working Group will describe the intended user interpretation, as
  well as safe actions the user may respond with in common use cases.
please consider
The desired user interpretation of decisions and evidence are
fundamental; 
this belongs in the model.  It should not be limited to the 'normal
mode' 
dialog that is in the projection of the full model that is discussed
above.  
The presentation suggestions may be limited to the 'normal mode'
projection.  
But what the user should understand if they drill down deeper or skim
more 
lightly should be covered, not limited to the suggested summary dialog.
Yes, 
you want to introduce some terms and icons and the like whose consistent
use 
will enhance recognition of security information when it crosses the
user's 
bow.  But these are not the only prosodic tools that should be used to
convey 
this role in the web-dialog scene or world-let.
Why? 
In consideration of the diverse presentation and actuation bindings that
are 
required so that people with disabilities are afforded access to
information 
devices and services, realize that it is essential to define the
intended 
interpretation, which is of broad applicability, and then under
specified 
modality conditions indicate suggested representations.
Please consider
The IMS Global Learning Consortium has established a baseline of
metadata for 
both content and personal preferences.  Even 'though there is still
contention 
as to how single-sign-on should work, it is very broadly agreed that we
need 
this.  Single-sign-on will give us a convenient way to manage the
affordance 
of portable, personal preferences to qualifying sites.  Where these 
preferences are available, they should in particular be used up front to

condition the presentation of any sign-on dialog.  Single-sign-on with
the 
identity host brokering not only user authentication but presentation 
preferences is too important a user case for people with disabilities
for this 
use case to be left out of your plans, even if single-sign-on is not yet

pervasive in Web practice.












The information in this transmittal (including attachments, if any) is privileged and confidential and is intended only for the recipient(s) listed above.  Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient.  If you have received this transmittal in error, please notify me immediately by reply email and destroy all copies of the transmittal.  Thank you.
Received on Tuesday, 17 April 2007 23:30:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:46 GMT