RE: Page Security Score proposal

Yes, but what are the colors referring to? What do we mean by secure? 

Secure link from browser to website? 

Secure in the sense that your PC is probably not affect? 

Secure that the website you are viewing is the website you intended to view?


Secure that what you are about to download is safe from infecting your PC? 

All of the above? Then you have a dashboard with some 4 different lights -
each light can be red, yellow, green - that might work - but the dashboard
better be impossible to tamper with

 

  _____  

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
Behalf Of Doyle, Bill
Sent: Sunday, June 17, 2007 5:47 PM
To: Timothy Hahn; public-wsc-wg@w3.org
Subject: RE: Page Security Score proposal

 

 

So, hate to go back to the car thing but a gauge with warning lights
standard colors - Red Yellow Green?? Yes some people still drive when the
Red Oil light comes on, but..

 

Gauge tells a user that it may be less than 100%, lets say 50%, but what is
wrong? Will additional information help a user maintain a secure posture?

 

Risk - can a user agent determine risk? The amount of risk could change
rating.

 

Bill D.

 

 


  _____  


From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
Behalf Of Timothy Hahn
Sent: Saturday, June 16, 2007 12:16 AM
To: public-wsc-wg@w3.org
Subject: Re: Page Security Score proposal


Hi all, 

I'll offer a couple counter-points on list: 

 - North Carolina may be backwards, but every restaurant here must proudly
display their "cleanliness score" - it's presented as both a letter grade (A
is good ... C is ... um ... bad) and a number ... 92.5 is generally ok,
100.0 and boy you could eat off their floors.  Patrons don't have to think
too hard - the report card from the last inspection of the restaurant is
presented in a way that people have been familiar with since grade school.
Do I know how the calculation was computed? no.  Do I know what went into
it? no.  But I do look at it and use it as a "cue". 

 - it is my sense that people can understand analog-style guages
(speedometers, tachometers, temperature scales and so on).  And they can get
a feel for the difference between "low", "low-medium", "medium", and so
forth.  So some indicator with many gradations seems like it should be
interpretable without alot of book learning to go along with it (whether
that be a number scale, a color rainbow scale, or a speedometer-style needle
meter). 

- on Dan Schutzer's observation about people not being able to process more
than between 3 and 7 items.  I feel that a single "meter" with many
gradations is still one meter (counts as 1 in the things to be
understood/interpreted).  If we tried to put up 6 meters and asked our users
to use those together to try and get a feeling for the site, then yes, this
would fall into the situation of too much information to process (unless
you're an airline pilot or astronaut). 

- on the topic of whether we could ever get the computation "correct" - I'm
not sure it really matters if we get it correct or not.  I could envision
that some people (not the general populus) would get a kick out of coming up
with their own calculations and offering them to their friends and
neighbors.  And if this were wildly successful, someone else would gather up
all the various calculators and offer a "super-calculator" that would
summarize those.  This could even leverage collaboration-style social
networking capabilities ("I trust my 3 favorite friends and I value their
calculations.  My 'guage' is based on their guage values.").  In the end,
the anomolies in different calculations would smooth out.  (Hey, it almost
works for the Bowl Championship Series - as one off-the-wall example). 

So I still like the idea. 

Regards, 
Tim Hahn
IBM Distinguished Engineer

Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Durham/IBM@IBMUS
phone: 919.224.1565     tie-line: 8/687.1565
fax: 919.224.2530