W3C home > Mailing lists > Public > public-wsc-wg@w3.org > June 2008

Re: ACTION-487 Review and polish Overview section

From: Thomas Roessler <tlr@w3.org>
Date: Sun, 15 Jun 2008 12:44:13 +0200
To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Cc: public-wsc-wg@w3.org
Message-ID: <20080615104413.GU306@iCoaster.does-not-exist.org>

On 2008-06-13 08:57:02 -0400, Mary Ellen Zurko wrote:

> I've tweaked it a bit. Comments and suggestions welcome: 

Looks good to me.

> 
> This specification deals with the trust decisions that users must make 
> online, and with ways that user agents support them in making safe and 
> informed decisions where possible.
> In order to achieve that goal, this specification includes recommendations 
> on the presentation of identity information and other security context 
> information by Web user agents. We also include recommendations on 
> handling errors in security protocols. The error handling recommendations 
> both minimize the trust decisions left to users, and  represent known best 
> practice in inducing users toward safe behavior where they have to make 
> these decisions. To complement the interaction and decision related parts 
> of this specification, 7 Robustness addresses the question of how the 
> communication of context information needed to make decisions can be made 
> more robust against attacks.
> This document specifies user interactions with a goal toward making 
> security usable, based on known best practice in this area. Subsequent 
> testing of this specification will include conformance, interoperability, 
> and usability teting.

I wonder if the testing related sentence here isn't most
appropriately put into the Status of This Document section.

> This specification comes with two companion documents: [WSC-USECASES] 
> documents the use cases and assumptions that underly this specification. 
> [WSC-THREATS] documents the Working Group's threat analysis.
> 

-- 
Thomas Roessler, W3C  <tlr@w3.org>
Received on Sunday, 15 June 2008 12:28:20 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 15 June 2008 12:28:21 GMT