- From: Hal Lockhart <hlockhar@bea.com>
- Date: Tue, 2 Jan 2007 06:47:07 -0800
- To: <public-wsc-wg@w3.org>
ACTION-56 I am re-titling this action to better reflect what I had in mind. During the Dec-19 call I suggested that although there seems to be a strong consensus around not specifying any kind of algorithms for determining if accessing a given web site represents a higher or lower risk by examining its history, content or other information, we should at least keep open the possibility that we specify a standard way to indicate to the user what the browser thinks the risk level is. Possibilities include: colors like red, yellow, green; a thermometer type display; numbers between 1 and 100; etc. My reasons for allowing for this kind of approach are: 1. Users will not be exposed to the underlying algorithm directly; therefore browsers are likely to use distinct means to indicate essentially the same risk semantics. It would be more desirable, if possible, to show some standardized display which users could be trained to look for in all browsers. 2. The algorithms underlying existing displays, such as the padlock are not completely defined or identical across all browsers, yet we can agree that they fundamentally have the same significance. Even if risk algorithms change over time, either to improve accuracy or to counter changes made by black hats, as long as the practical meaning remains essentially the same, a standard indication will be beneficial. --- That said, I am by no means certain that we can actually come to consensus about a common meaning which we expect to remain reasonably stable and relevant for say 5 years. Thus my argument at this point is merely NOT to rule this indicator out of scope. Hal
Received on Tuesday, 2 January 2007 14:47:18 UTC