W3C home > Mailing lists > Public > public-wsc-wg@w3.org > April 2007

RE: Safe Web Browsing Mode

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Fri, 20 Apr 2007 18:16:35 -0400
To: "Dan Schutzer" <dan.schutzer@fstc.org>,public-wsc-wg@w3.org
Message-ID: <OF75A38DD1.0FE4CAC8-ON852572C3.0057CAC2-852572C3.007A5E6A@LocalDomain>
Thanks for posting that Dan. 

"These websites can only be selected from an approved list of websites 
that have gone to some lengths (e.g. compliance with special PKI technical 
requirements (see Part 1: Technical below), and undergoing a rigorous 
certification and compliance process) to allow it to be reliably 
distinguished from spoof sites. Examples of such certification steps 
include: being able to prove the website is from a trusted top level 
domain (e.g. .bank); or having the site credentials verified by a Bridge 
Authority; or verified by an EV where special verification and compliance 
steps have been taken to provide a guaranteed level of trust). "

As a user, I'd want to use this for my work sites as well, which are not 
banks. I imagine that would be true of many users; they'd want to trust 
the sites associated with their place of work with PII or similiarly 
sensitive information. 

"(e.g. see FSTC BMA document entitled ?FSTC BMA Browser Recommendations?),
For that to be part of this discussion, we'll need a URL for it. Is it the 
document that Chuck shared for discussion at our last meeting?
At a glance, it's not clear to me which parts of that document cover the 
distinct look, and which part the items that should be turned off. But I 
think the latter won't be core to the initial discussion. 

"In fact, banks and other ?trusted sites? could incent users who only 
access them on-line via SBM Mode (e.g. provide loyalty points, safety 
guarantees, fee discounts or higher interest rates). "
I think they could only "know" that via updates in protocols, which are 
out of scope. But maybe I'm missing something. 

"To make SBM useful, three things must be true: a. users must be in SBM 
mode before there is any possibility of providing bogus FI sites with 
information b. users must be aware that they are in SBM c. users must 
understand that only legitimate ?trusted? websites will be accessible in 
SBM, and that it is therefore safe to provide information to sites that 
are accessible in SBM "
This is a really nice summary. What it brings home to me is the two-tier 
model of the proposal, which I struggle with. The more general it is, the 
wider the range of data the user could be asked to provide inappropriately 
(FIs could ask for something that would be company confidential, if it 
also includes my work sites). But the more narrow it is, the more attacks 
from totally unknown parties it leaves out. 

I see your proposal does in fact address some of those concerns, but 
conciously wants to leave them out "to start with". Do you mean for the 
duration of this WG's recommendations? (2nd to last paragraphy before the 
Part 1 - Technical). 

I really like this writeup. It puts together a whole proposal, but it's 
easy to look at each of the components as well (how the trustworthy sites 
are determined, for example, can be configurable or change over time; the 
set of things that cannot be done is a separable consideration).


Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect

"Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com> 
Sent by: public-wsc-wg-request@w3.org
04/19/2007 07:54 AM

"Dan Schutzer" <dan.schutzer@fstc.org>
RE: Safe Web Browsing Mode

Dan has posted an updated proposal on Safe WEb Browsing, which I hope 
we'll be able to discuss next week:



Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
Received on Friday, 20 April 2007 22:16:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:15 UTC