public-wsc-wg@w3.org from January 2008 by subject

A review of Web Security Context's Scope and Use Cases -- Last Call

• Mary Ellen Zurko (Monday, 14 January)

ACTION-214 solicit commentary on Threat Trees from MITRE INFOSEC community Bill Doyle

• Mary Ellen Zurko (Friday, 11 January)

ACTION-317: Different notions of KCM in different parts of the document

• Thomas Roessler (Thursday, 17 January)

ACTION-334: Propose language on Bookmarks API

• Thomas Roessler (Saturday, 26 January)
• Anil Saldhana (Saturday, 26 January)

ACTION-336 OPEN Propose material for ISSUE-106 Stephen Farrell 2007-12-21

• Mary Ellen Zurko (Friday, 18 January)
• Mary Ellen Zurko (Friday, 11 January)

ACTION-340 OPEN Gather data about cost of TLS deployment Phillip Hallam-Baker 2007-12-10

• Hallam-Baker, Phillip (Friday, 4 January)
• Mary Ellen Zurko (Friday, 4 January)

ACTION-343 OPEN Begin examining some of the recommendations, write down the underlying assumptions for success, then list any prior studies that have already examined those assumptions, and possibly how to test the untested assumptions Serge Egelman 2007-12-21 User Studies

• Mary Ellen Zurko (Friday, 11 January)

ACTION-344, ISSUE-120: Proposed normative material on audio logotypes

• Mary Ellen Zurko (Wednesday, 16 January)

ACTION-345 OPEN Begin designing lo-fi user study for Browser Lockdown Maritza Johnson 2007-11-30

• Mary Ellen Zurko (Friday, 4 January)

ACTION-353: Convert Mozilla FPWD review notes into issues

• Johnathan Nightingale (Monday, 7 January)

ACTION-356: picture-in-picture attacks

• Thomas Roessler (Friday, 18 January)
• Ian Fette (Thursday, 17 January)
• Thomas Roessler (Thursday, 17 January)

ACTION-357: less conspicuous hovering effects

• Thomas Roessler (Thursday, 17 January)

ACTION-360: Mez's editorial nits; petnames in identity signal?

• Thomas Roessler (Wednesday, 30 January)

ACTION-361 OPEN review wsc-xit Phillip Hallam-Baker 2008-01-01

• Mary Ellen Zurko (Friday, 11 January)

ACTION-362 OPEN review wsc-xit William Eburn 2008-01-01

• Mary Ellen Zurko (Friday, 11 January)

ACTION-369: webarch implications of 7.2

• Thomas Roessler (Thursday, 17 January)
• Ian Fette (Thursday, 17 January)
• Thomas Roessler (Thursday, 17 January)

ACTION-372: Proposed replacement for 7.6

• Thomas Roessler (Thursday, 17 January)
• Ian Fette (Thursday, 17 January)
• Thomas Roessler (Thursday, 17 January)

ACTION-373 Poll al G about shoulder surfing attacks in context of assistive technologies

• Mary Ellen Zurko (Friday, 25 January)

ACTION-374 - proposed re-written text for 6.3, Page Security Score

• Mary Ellen Zurko (Thursday, 24 January)
• Johnathan Nightingale (Thursday, 24 January)
• William Eburn (Thursday, 24 January)
• michael.mccormick@wellsfargo.com (Thursday, 24 January)
• Serge Egelman (Thursday, 24 January)
• Serge Egelman (Thursday, 24 January)
• Ian Fette (Thursday, 24 January)
• michael.mccormick@wellsfargo.com (Thursday, 24 January)
• Dan Schutzer (Thursday, 24 January)
• Ian Fette (Thursday, 24 January)
• Timothy Hahn (Thursday, 24 January)
• Ian Fette (Wednesday, 23 January)
• Timothy Hahn (Wednesday, 23 January)
• Ian Fette (Wednesday, 23 January)
• Timothy Hahn (Wednesday, 23 January)
• Mary Ellen Zurko (Wednesday, 23 January)
• michael.mccormick@wellsfargo.com (Wednesday, 23 January)
• Timothy Hahn (Wednesday, 23 January)

ACTION-377: Hook for UIs in seciton 7.8

• Thomas Roessler (Wednesday, 23 January)

ACTION-380: Text for ISSUE-131

• Thomas Roessler (Thursday, 31 January)
• Ian Fette (Thursday, 31 January)
• Thomas Roessler (Thursday, 31 January)

ACTION-381: ISSUE-130 (consistent across devices) done

• Thomas Roessler (Thursday, 31 January)

Agenda: WSC WG distributed meeting, Wednesday, 2008-01-09

• Mary Ellen Zurko (Tuesday, 8 January)

Agenda: WSC WG distributed meeting, Wednesday, 2008-01-16

• Ian Fette (Wednesday, 16 January)
• Serge Egelman (Wednesday, 16 January)
• Mary Ellen Zurko (Tuesday, 15 January)

Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23

• Timothy Hahn (Wednesday, 23 January)
• Dan Schutzer (Wednesday, 23 January)
• Mary Ellen Zurko (Tuesday, 22 January)

Agenda: WSC WG weekly 2008-01-30

• Serge Egelman (Wednesday, 30 January)
• Dan Schutzer (Tuesday, 29 January)
• Johnathan Nightingale (Tuesday, 29 January)
• Thomas Roessler (Tuesday, 29 January)

call for demos for the f2f

• Mary Ellen Zurko (Friday, 18 January)

Form editor question

• Stephen Farrell (Friday, 18 January)
• Johnathan Nightingale (Friday, 18 January)
• Stephen Farrell (Friday, 18 January)

How to write a good issue

• Mary Ellen Zurko (Wednesday, 23 January)

IE Favorites Feature May Allow Phishing

• Anil Saldhana (Saturday, 26 January)

Is the padlock a page security score?

• Robert Yonaitis (Monday, 14 January)
• Dan Schutzer (Monday, 14 January)
• Dan Schutzer (Monday, 14 January)
• Thomas Roessler (Sunday, 13 January)
• Michael Versace (Friday, 11 January)
• michael.mccormick@wellsfargo.com (Friday, 11 January)
• Serge Egelman (Friday, 11 January)
• Anil Saldhana (Friday, 11 January)
• Ian Fette (Friday, 11 January)
• Anil Saldhana (Friday, 11 January)
• Mike Beltzner (Friday, 11 January)
• michael.mccormick@wellsfargo.com (Friday, 11 January)
• Mike Beltzner (Friday, 11 January)
• michael.mccormick@wellsfargo.com (Friday, 11 January)
• michael.mccormick@wellsfargo.com (Friday, 11 January)
• Timothy Hahn (Friday, 11 January)
• William Eburn (Friday, 11 January)
• Ian Fette (Friday, 11 January)
• William Eburn (Friday, 11 January)
• Doyle, Bill (Friday, 11 January)
• Robert Yonaitis (Friday, 11 January)
• Mary Ellen Zurko (Friday, 11 January)
• Mike Beltzner (Friday, 11 January)
• Dan Schutzer (Friday, 11 January)
• Dan Schutzer (Friday, 11 January)
• Serge Egelman (Friday, 11 January)
• Robert Yonaitis (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• William Eburn (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• William Eburn (Thursday, 10 January)
• Robert Yonaitis (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• William Eburn (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• William Eburn (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Robert Yonaitis (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• Robert Yonaitis (Thursday, 10 January)
• William Eburn (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• Serge Egelman (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Dan Schutzer (Thursday, 10 January)
• Mike Beltzner (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Dan Schutzer (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Timothy Hahn (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Mike Beltzner (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Ian Fette (Thursday, 10 January)
• Anil Saldhana (Thursday, 10 January)
• michael.mccormick@wellsfargo.com (Thursday, 10 January)
• Timothy Hahn (Thursday, 10 January)
• Johnathan Nightingale (Thursday, 10 January)
• Mary Ellen Zurko (Thursday, 10 January)

ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]

• Close, Tyler J. (Tuesday, 8 January)
• Mary Ellen Zurko (Tuesday, 8 January)
• Ian Fette (Monday, 7 January)
• Close, Tyler J. (Monday, 7 January)
• Ian Fette (Monday, 7 January)
• Mary Ellen Zurko (Monday, 7 January)
• Close, Tyler J. (Monday, 7 January)
• Mary Ellen Zurko (Friday, 4 January)

ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]

• Mike Beltzner (Wednesday, 2 January)
• Ian Fette (Wednesday, 2 January)
• Anil Saldhana (Wednesday, 2 January)
• Ian Fette (Wednesday, 2 January)
• Anil Saldhana (Wednesday, 2 January)

ISSUE-142: Page Security Score does not yet have enough content behind it [wsc-xit]

• Timothy Hahn (Wednesday, 2 January)

ISSUE-146: 7.1 to reference where xit talks about how identity is presented [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-147: Descriptions of certificate matching rules in SWFE need explanations somewhere [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-148: Downgrade ability to update an organization's name and address to SHOULD [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-149: Condense 7.2 to its first normative directive only [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-150: Abstract how user navigates to a site for establishing a new relationship

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-151: Make "similar" clearer (in choosing petnames) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-152: Clarify the point of "distinguishing" between static and other text in messages [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-153: Tie SWFE to secondary SCI [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-154: Provide unique labels for each message and use them consistently as references [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-155: Remove references to contacts option [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-156: Tighten and abstract seleting the text string [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-157: Masking only MUST for passwords [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-158: Abstracting and tightening editing of stored history [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-159: Merge 7.8 into 8.2 [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-160: Remove section 7.9 [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-161: Be clearer about security indicator images [wsc-xit]

• Ian Fette (Wednesday, 9 January)
• Doyle, Bill (Wednesday, 9 January)
• michael.mccormick@wellsfargo.com (Tuesday, 8 January)
• Serge Egelman (Sunday, 6 January)
• Ian Fette (Saturday, 5 January)
• Serge Egelman (Saturday, 5 January)
• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-162: Recognize there are other forms of network security [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-163: Make (sure) 9.4 is internally consistent [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-164: SSC != CoSL [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-165: Allow for (non default) configuration of notification of first time TLS interaction with a site [wsc-xit]

• Web Security Context Working Group Issue Tracker (Wednesday, 2 January)

ISSUE-166: Consider dropping section 5.2 in favour of "standard" matching algo, if appropriate.

• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-167: Should Section 5.3.1 specify normative details for a theoretical technology?

• Johnathan Nightingale (Monday, 7 January)
• Mary Ellen Zurko (Monday, 7 January)
• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-168: Section 5.5.2 might be over-restrictive, especially on first-visit-redirect [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-169: Section 5.5.3 creates a burden on browsers to remember past certificates

• Johnathan Nightingale (Monday, 7 January)
• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-170: 6.3 Seems more like extension/experimentation than standardization [wsc-xit]

• Mike Beltzner (Monday, 7 January)
• Timothy Hahn (Monday, 7 January)
• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-171: 7.8 Is unclear about data retention requirements [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-172: 7.9 Normative text assumes a service we don't otherwise mention or expect to exist [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-173: 8.1.1 Requires user testing for the purposes of conformance [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 7 January)

ISSUE-174 (5.4 wsc-xit comments): review wsc-xit - general comments section 5.4 (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-175 (wsc-xit comment section 6.5): general comment section 6.5 table and bullet list (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-176 (wsc-xit comment section 6.5 tls/ssl): general comment section 6.5 tls/ssl processing (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-177 (wsc-xit comment section 6.5 tls/ssl pt2): general comment section 6.5 tls/ssl pt2 (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-178 (wsc-xit comment section 10.2.2): general comment section 10.2.2 conceptual model (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-179 (wsc-xit comment section 10.2.3): general comment section 10.2.3 (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-180 (wsc-xit spelling mistakes ): wsc-xit spelling mistakes (public comment) [wsc-xit]

• Web Security Context Working Group Issue Tracker (Monday, 14 January)

ISSUE-181: Should there be an authoring practice suggesting http/https URI space consistency [wsc-xit]

• Web Security Context Working Group Issue Tracker (Thursday, 17 January)

May f2f plans - query on joint meeting with CABForum

• Johnathan Nightingale (Wednesday, 9 January)
• Ian Fette (Tuesday, 8 January)
• Mary Ellen Zurko (Tuesday, 8 January)

meeting conflict - only available for first 1/2 hour

• Doyle, Bill (Wednesday, 9 January)

Meeting record: WSC WG weekly 2007-12-19

• Thomas Roessler (Friday, 11 January)

Meeting record: WSC WG weekly 2008-01-09

• Thomas Roessler (Wednesday, 16 January)

Meeting record: WSC WG weekly 2008-01-16

• Thomas Roessler (Wednesday, 23 January)

Open Issues added to xit

• Anil Saldhana (Tuesday, 22 January)

Please review ACTION-367 results

• Thomas Roessler (Wednesday, 30 January)

Regrets for Jan-30 call

• Hal Lockhart (Tuesday, 29 January)

TLS/SSL robustness - high, medium, low

• Stephen Farrell (Tuesday, 8 January)
• Doyle, Bill (Tuesday, 8 January)
• michael.mccormick@wellsfargo.com (Tuesday, 8 January)
• Ian Fette (Tuesday, 8 January)
• Michael Versace (Tuesday, 8 January)
• Dan Schutzer (Tuesday, 8 January)
• Doyle, Bill (Tuesday, 8 January)

Troubles with KCM

• Ian Fette (Thursday, 24 January)
• Stephen Farrell (Thursday, 24 January)
• Serge Egelman (Wednesday, 23 January)
• Thomas Roessler (Wednesday, 23 January)

usecases comments Re: Comments on draft documents posted to the WSC wiki

• Ian Fette (Wednesday, 2 January)
• Ian Fette (Wednesday, 2 January)
• Mary Ellen Zurko (Wednesday, 2 January)

weekly call on 30 January

• Timothy Hahn (Tuesday, 29 January)

WSC Open Action Items

• Mary Ellen Zurko (Friday, 18 January)
• Mary Ellen Zurko (Friday, 11 January)
• Mary Ellen Zurko (Friday, 4 January)

WSC WG distributed meeting, Wednesday, 2008-01-16

• William Eburn (Wednesday, 16 January)

wsc-usecases comments Re: Comments on draft documents posted to the WSC wiki

• Mary Ellen Zurko (Wednesday, 2 January)

wsc-xit next steps

• Mary Ellen Zurko (Friday, 18 January)

WSC-XIT review

• Rachna Dhamija (Monday, 21 January)
• Close, Tyler J. (Thursday, 3 January)
• Mary Ellen Zurko (Thursday, 3 January)
• Close, Tyler J. (Thursday, 3 January)
• Stephen Farrell (Wednesday, 2 January)
• Mary Ellen Zurko (Wednesday, 2 January)
• Stephen Farrell (Tuesday, 1 January)

» Even SSL Gmail can get sidejacked | Zero Day | ZDNet.com

• Yngve Nysaeter Pettersen (Thursday, 31 January)

Last message date: Thursday, 31 January 2008 17:10:44 UTC