Re: ISSUE-38: no safe haven in presentation space (from public comments) from Thomas Roessler on 2007-07-19 (public-wsc-wg@w3.org from July 2007)

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 19 Jul 2007 14:16:05 +0200
To: tyler.close@hp.com, wdoyle@mitre.org
Cc: public-wsc-wg@w3.org
Message-ID: <20070719121605.GA17587@raktajino.does-not-exist.org>

As resolved on our 18 July call,  this issue is closed. [1]

Tyler, please make the proposed change to the note and mark the
issue closed in tracker afterwards.

Thanks,
-- 
Thomas Roessler, W3C  <tlr@w3.org>






On 2007-07-11 14:13:37 +0200, Thomas Roessler wrote:
> From: Thomas Roessler <tlr@w3.org>
> To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
> Cc: public-wsc-wg@w3.org
> Date: Wed, 11 Jul 2007 14:13:37 +0200
> Subject: Re: ISSUE-38: no safe haven in presentation space (from public
> 	comments)
> X-Spam-Level: 
> X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.1.5
> 
> On 2007-06-15 16:45:39 -0400, Mary Ellen Zurko wrote:
> 
> > I said I'd try to add more strength and clarity to the text of
> > "directly addressing", as Bill and Tyler requested. Here's my
> > next iteration of the proposal: 
> 
> I like this text, and would suggest that (a) we include it with the
> note, (b) close this issue.  We'll also want to let Al know of the
> disposition of his comment.
> 
> > 5.n Other Security Challenges
> > 
> > As stated in the [http://www.w3.org/2005/Security/wsc-charter charter], 
> > the mission of the Web Security Context Working 
> > Group is to specify a baseline set of security context information that 
> > should be accessible to Web users, and practices for the secure and usable 
> > 
> > presentation of this information, to enable users to come to a better 
> > understanding of the context that they are operating in when making trust 
> > decisions on the Web. While the work this group does may have a positive 
> > and beneficial effect on other security challenges on the web, directly 
> > addressing such challenges is out of scope. Examples listed are listed in 
> > [http://www.w3.org/2006/WSC/drafts/note/#out-of-scope Out of Scope], 
> > including
> > [http://www.w3.org/2006/WSC/drafts/note/#vaporware protocols and data 
> > formats] and [http://www.w3.org/2006/WSC/drafts/note/#XSS content 
> > production exploits]. These examples are not
> > exhaustive. 
> > 
> 
> -- 
> Thomas Roessler, W3C  <tlr@w3.org>
> 
>

Received on Thursday, 19 July 2007 12:16:08 UTC