ISSUE-241: TLS indicator in primary chrome [wsc-xit] from Web Security Context Working Group Issue Tracker on 2010-02-22 (public-wsc-wg@w3.org from February 2010)

From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Mon, 22 Feb 2010 23:16:48 +0000 (GMT)
To: public-wsc-wg@w3.org
Message-Id: <20100222231648.E52357F46F@otto.w3.org>

ISSUE-241: TLS indicator in primary chrome [wsc-xit]

http://www.w3.org/2006/WSC/track/issues/241

Raised by: Thomas Roessler
On product: wsc-xit

The CR version of this specification provided the possibility for the TLS indicator to be present in secondary chrome. None of the implementations make use of this option; all have it in primary chrome.  All implementations also have a blank TLS indicator in the case of a usual HTTP connection.

To match implemented behavior, proposed to change the first two paragraphs of 6.3 into:

User agents MUST make information about the state of TLS protection available. The [Definition: TLS indicator] MUST be part of primary user interface during usage modes which entail the presence of signaling to the user beyond only presenting page content. As in the case of 6.1.1 Identity Signal, there may be usage modes during which this requirement does not apply. Web content MUST NOT obscure security interface, 7.4.1 Obscuring or disabling Security User Interfaces.

User agents with a visual user interface SHOULD make the TLS indicator available in a consistent visual position.

Received on Monday, 22 February 2010 23:16:50 UTC