W3C home > Mailing lists > Public > public-wsc-wg@w3.org > July 2007

Re: ISSUE-38: no safe haven in presentation space (from public comments)

From: Thomas Roessler <tlr@w3.org>
Date: Wed, 11 Jul 2007 14:13:37 +0200
To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Cc: public-wsc-wg@w3.org
Message-ID: <20070711121337.GC8439@raktajino.does-not-exist.org>

On 2007-06-15 16:45:39 -0400, Mary Ellen Zurko wrote:

> I said I'd try to add more strength and clarity to the text of
> "directly addressing", as Bill and Tyler requested. Here's my
> next iteration of the proposal: 

I like this text, and would suggest that (a) we include it with the
note, (b) close this issue.  We'll also want to let Al know of the
disposition of his comment.

> 5.n Other Security Challenges
> 
> As stated in the [http://www.w3.org/2005/Security/wsc-charter charter], 
> the mission of the Web Security Context Working 
> Group is to specify a baseline set of security context information that 
> should be accessible to Web users, and practices for the secure and usable 
> 
> presentation of this information, to enable users to come to a better 
> understanding of the context that they are operating in when making trust 
> decisions on the Web. While the work this group does may have a positive 
> and beneficial effect on other security challenges on the web, directly 
> addressing such challenges is out of scope. Examples listed are listed in 
> [http://www.w3.org/2006/WSC/drafts/note/#out-of-scope Out of Scope], 
> including
> [http://www.w3.org/2006/WSC/drafts/note/#vaporware protocols and data 
> formats] and [http://www.w3.org/2006/WSC/drafts/note/#XSS content 
> production exploits]. These examples are not
> exhaustive. 
> 

-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Wednesday, 11 July 2007 12:13:40 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:49 GMT