I would agree that a user should always be able to view and modify security-related configuration settings, but that if a user agent does their job correctly, it should not be necessary, especially for the user who would have trouble understanding the kind of detailed security configuration settings that one sees today in the Security tab _____ From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Mary Ellen Zurko Sent: Monday, November 26, 2007 11:36 AM To: Web Security Context Working Group WG Subject: Re: ISSUE-132: Update Section 10.1 of wsc-xit with information from updated browser lock down wiki page "A user agent MUST support a mode of operation whereby the user is unable to view or modify the security-related configuration settings. " It seems wrong to me that there is a mode where the user is unable to view the security related configuration settings. In every context I've ever been in, having some ability to get to more information if helpful. I would remove the "view or" part of this, unless I'm missing something.Received on Monday, 26 November 2007 17:16:53 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 February 2008 03:52:53 GMT