- From: Ian Fette <ifette@google.com>
- Date: Fri, 3 Aug 2007 08:44:23 -0700
- To: "Web Security Context WG" <public-wsc-wg@w3.org>
- Message-ID: <bbeaa26f0708030844s712e1391xcb4179fcc253a033@mail.gmail.com>
Hi all, I took on an action item to create a new use case for notifying a user that a site they've previously visited is now blacklisted. I sent this out and there didn't seem to be much contention, the only reply was a "looks good" from Dan Schutzer and a polite email from Mez telling me that the subject should have been "ACTION-275". As such, I'm re-sending this, mostly for the tracker, with the correct subject. If you have any concerns with the below use case, please feel free to bring them up, otherwise I'd like to get this use case added into the Scope and Use Cases document. Betty tries to connect to a web site at <http://www.example.com/>. She visits this site frequently to read various news and articles. Since her last visit, the site example.com has been compromised by some method, andvisitors are now being infected with malware. A blacklist used by her user agent has since listed example.com as a known bad site, what warnings should Betty be presented with? Destination Site - Known, Prior visit Navigation - any Intended interaction - Information retrieval Actual interaction - software installation Note - This is slightly different than use case 19. It still deals with how to present results obtained from reputation services, but in the case of a user returning to a site that they believe to be "good" when that site is now believed to be compromised. Thanks, Ian Fette
Received on Friday, 3 August 2007 15:44:49 UTC