- From: Mary Ellen Zurko <mzurko@us.ibm.com>
- Date: Fri, 26 Feb 2010 14:28:01 -0500
- To: Web Security Context Working Group WG <public-wsc-wg@w3.org>
- Message-ID: <OF07BB090F.7B8CABBF-ON852576D6.006AC528-852576D6.006AC95A@LocalDomain>
I agree with this change. From: Web Security Context Working Group Issue Tracker <sysbot+tracker@w3.org> To: public-wsc-wg@w3.org Date: 02/22/2010 06:50 PM Subject: ISSUE-241: TLS indicator in primary chrome [wsc-xit] Sent by: public-wsc-wg-request@w3.org ISSUE-241: TLS indicator in primary chrome [wsc-xit] http://www.w3.org/2006/WSC/track/issues/241 Raised by: Thomas Roessler On product: wsc-xit The CR version of this specification provided the possibility for the TLS indicator to be present in secondary chrome. None of the implementations make use of this option; all have it in primary chrome. All implementations also have a blank TLS indicator in the case of a usual HTTP connection. To match implemented behavior, proposed to change the first two paragraphs of 6.3 into: User agents MUST make information about the state of TLS protection available. The [Definition: TLS indicator] MUST be part of primary user interface during usage modes which entail the presence of signaling to the user beyond only presenting page content. As in the case of 6.1.1 Identity Signal, there may be usage modes during which this requirement does not apply. Web content MUST NOT obscure security interface, 7.4.1 Obscuring or disabling Security User Interfaces. User agents with a visual user interface SHOULD make the TLS indicator available in a consistent visual position.
Received on Friday, 26 February 2010 19:27:00 UTC