W3C home > Mailing lists > Public > public-wsc-wg@w3.org > January 2008

Re: ISSUE-161: Be clearer about security indicator images [wsc-xit]

From: Serge Egelman <egelman@cs.cmu.edu>
Date: Sat, 5 Jan 2008 05:46:30 -0500 (EST)
Message-ID: <50033.217.118.122.213.1199529990.squirrel@217.118.122.213>
To: "Web Security Context Working Group WG" <public-wsc-wg@w3.org>

> 
> ISSUE-161: Be clearer about security indicator images [wsc-xit]
> 
> http://www.w3.org/2006/WSC/track/issues/
> 
> Raised by: Mary Ellen Zurko On product: wsc-xit
> 
> 9.1
> 
> "trust indicating images" is way too general. Sites want to look
> trustworthy. If only behaving sites don't look trustworthy, only
> malicious sites will. My proposal:
> 
> Web pages MUST NOT include images used by widely deployed web user agents
> to represent specific security context states or values. For example,
> padlocks in the web content.
> 

But then aren't we still in the same place where "only behaving sites don't look trustworthy, only malicious sites will."  This would mean that only malicious sites will show padlocks in the content.


serge
Received on Saturday, 5 January 2008 10:46:34 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:20 UTC