- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 8 Aug 2007 18:50:33 +0200
- To: Mike Beltzner <beltzner@mozilla.com>
- Cc: WSC WG <public-wsc-wg@w3.org>
On 2007-08-08 12:32:57 -0400, Mike Beltzner wrote: > Sorry to not have been on the call last week. I can tell you that > the NECCESSARY techniques that MUST be implemented by a > conforming web user agent (as per 7.1.3) are unrealistic in terms > of meshing with user experience, and are, I think, throwing the > baby out with the bathwater. Specifically the requirement to not > show a favicon in the Location Bar. I seem to recall that this requirement was discussed at length at the face-to-face in Dublin, without you objecting against this requirement? Since you are using the plural, I'd also like to understand what your objection is against the second technique (no favicons in dialogues intended to enable trust decisions) -- this one is basically about, say, a certificate dialogue, where you'd specifically not want branding to be under the control of the potential attacker. > The favicon has become the visual avatar of a website, allowing > for brand association, and easing several tasks including > scanning through bookmarks, history and tabs to ease the task of > locating (or recalling) a specific entry. The text is phrased relatively carefully to not forbid any of these practices -- as you may recall, there was discussion about "outlawing" favicons completely back in Dublin. > This entire section seems to exist because security indicators > presently look like favicons, and since the website can simply > copy that image and make the favicon look like a security > indicator, easy spoofing and confusion is possible. Well, it also exists because security indicators are being displayed far too close to the favicon... -- Thomas Roessler, W3C <tlr@w3.org>
Received on Wednesday, 8 August 2007 16:50:41 UTC