- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Mon, 12 Feb 2007 16:31:36 +0000
- To: Brad Porter <brad@tellme.com>
- Cc: "W3C Security (Public)" <public-wsc-wg@w3.org>
Doesn't that ignore confidentiality requirements? (Although I like the line of thinking.) Brad Porter wrote: > > In general, with the web, the goal of security is to transparently > protect the user. Browsers that support sandboxing are trying to > transparently protect the user from malicious applications. The only > two cases where the browser needs to make any assertions to the user are > the following: > > 1) Establishing the veracity of the information on a site > 2) Establishing that you are submitting your information to the party > you intended > > I would argue that people are generally aware of the veracity of any > information on the web is questionable. So the question becomes, are we > trying to make any statements about the veracity of information on a > site? If not, then we can punt on #1 and focus instead on #2. > > Number two only occurs when submitting information and is a very active > instead of passive act. (I'm intentionally ignoring click-stream type > data leaks as they could be handled by proper sandbox restrictions.) > This suggests that for 98% of what people do, they don't need any > security indicators from the browser. They only need to verity the > security when submitting their data. This suggests that presentation of > security context information could be late-binding instead of > omnipresent and integrated into the task-flow instead of passive, which > might help address a number of the problems with the current mechanisms. > > --Brad > >
Received on Monday, 12 February 2007 16:30:45 UTC