[Bug 19066] New: generic 3rd-party <mark>, Smart Tags, and Accelerators prevention

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19066

           Summary: generic 3rd-party <mark>, Smart Tags, and Accelerators
                    prevention
           Product: HTML WG
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: HTML5 spec
        AssignedTo: dave.null@w3.org
        ReportedBy: contributor@whatwg.org
         QAContact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-wg-issue-tracking@w3.org,
                    public-html@w3.org


This was was cloned from bug 6606 as part of operation LATER convergence.
Originally filed: 2009-02-22 06:53:00 +0000
Original reporter: Nick Levinson <Nick_Levinson@yahoo.com>

================================================================================
 #0   Nick Levinson                                   2009-02-22 06:53:00 +0000 
--------------------------------------------------------------------------------
Could you please add a brand-independent method for preventing anything
resembling Microsoft's Smart Tags or Activities from taking effect as to a Web
page? If the <mark> element is intended to be introduceable by servers other
than the website owner's, then that should be preventable.

A technology that allows turning a website owner's content into a link should
require the website owner's agreement.

Microsoft developed Smart Tags for a beta release of Internet Explorer 6, then 
withdrew it for the final release of that version. For a time, Microsoft's
website described a preventive tag that site owners could code into their HTML
at no cost. However, Microsoft has withdrawn that description, which now can be
found only on other sites. Microsoft reportedly has also offered something
comparable to Smart Tags called Activities for Internet Explorer 8 Beta 1, the
details of which I don't know and how a website owner can turn it off I don't
know, and it has instituted it for some applications, creating a problem when
document files are shared among institutions with different policies.

Harm can arise when users are unaware that the link is not the site owner's. A
subtle difference such as double-underlining is insufficient notice, since no
onsite legend describes it and only the technically savvy would know how to
find out if no one nearby knows. Contexts in which it can be misused include 
competitive use and misinformation. For example, a person committed to a health
cure that is scientifically invalid could mark up health sites to link to a
dangerous product on sale, even if the marked site belongs to, say, National
Institutes of Health, Mayo Clinic, or a local physician and there's no
theoretical or clinical evidence in support of the alternative. A porn purveyor
could mark up content on children's or men's websites or business sites. An
airline could mark up a competing airline's website. All of these could be
reversed, too. If someone can make a deal with a browser maker so that when a
page is accessed the browser also signals a second URL from which to retrieve
tags and links from an advertising seller, or can provide a consented-to
toolbar that gets the second URL, the problem could easily spread beyond one
browser maker.

While each inventor of technology can produce a workaround against any
preventive, if your preventive is sufficiently generic it could be harder to
sidestep it legally, much as is the case with robots.txt files, which are not
specific to any particular bot design, yet are helpful to website owners.

This responds to <http://www.w3.org/TR/html5/single-page/>, Working Draft, 12
February 2009. For Bugzilla, I selected all OSes; I develop on Win95a and 98SE
and Linux and want pages to work on whatever users use.

Thank you.

-- 
Nick
================================================================================
 #1   Lachlan Hunt                                    2009-02-22 10:50:32 +0000 
--------------------------------------------------------------------------------
(In reply to comment #0)
> Could you please add a brand-independent method for preventing anything
> resembling Microsoft's Smart Tags or Activities from taking effect as to a Web
> page?

Please, no.

> If the <mark> element is intended to be introduceable by servers other
> than the website owner's, then that should be preventable.

No, this is a misunderstanding of the mark element's purpose.  If a 3rd party
server can inject markup into another site's content, then that's a major
security problem, but it is independent from HTML itself.  It is also not how
the mark element is intended to be used.

> A technology that allows turning a website owner's content into a link should
> require the website owner's agreement.

That is not true.  Once the content is in the user's possession, then their
tools can do whatever they want to the content on their behalf.  See this
article I wrote about Google AutoLink that debunks all the arguments I saw that
were made against such features.

http://lachy.id.au/log/2005/03/google-autolink

However, this is entirely unrelated to the purpose of the <mark> element.

> Harm can arise when users are unaware that the link is not the site owner's.

This is true, but what a user agent does with the content on the user's behalf
is not in the site owner's control.  However, browser vendors do have a social
responsibility to ensure they don't deceive users, but that is outside the
scope of HTML.

> For Bugzilla, I selected all OSes;

Ignore the OS field for spec bugs.  Bugzilla has features designed for tracking
software bugs that aren't relevant for everything.

> I develop on Win95a and 98SE...

Are you serious?  Surely, running Linux with WINE is enough for running the
Windows apps you need, if you don't have access to more modern Windows
releases.
================================================================================
 #2   Nick Levinson                                   2009-02-24 05:11:50 +0000 
--------------------------------------------------------------------------------
Your blog article is thoughtful. But:

I hope we're not debating whether property rights should exist. You may
certainly interpret my creation but you can't change it and claim that's my
interpretation. The insertion of dotted underlines and double underlines is not
by the site owner. Most people don't know the difference in meaning between
single- and double-underscores or solid and dotted, and they reasonably assume
the website owner inserted both kinds for the same purpose. It's bad enough
that I, as a site owner, must take the affirmative step of blocking them, and
worse that I have to do so on every page and not just once site-wide. It's even
worse if I'm not allowed to block at all. The alternative of no one both owning
and controlling a website is not feasible in today's world. When I see a major
Linux website with a popup ad for SCO Unix, if I didn't know how that happened
I'd be right to question the legitimacy of that entire Linux site and all its
content.

Owners do have a right to control how anyone's user agent presents the owner's
page, to the extent that if the browser is standards-compliant and the site
owner has access to those standards they may design accordingly and, unless the
end user opts to make changes to the browser, the site owner may expect the
presentation to come within a reasonable range of expectations. That's why
Microsoft's permission is needed before an intermediary (other than a foreign
national government) may alter the results the Microsoft MSN search engine
gives users and claim it's what Microsoft supplied. Otherwise, imagine if
someone, say, Microsoft or some child, could use browsers worldwide to alter a
Saudi or Venezuelan national website's presentation to appear to give away all
their oil. Browser owners and sellers have more than a social responsibility of
nondeception; it's a legal duty if they offer faithful presentation but go way
off course. If a browser supplier offers HTML standards compliance, what's
needed is a standard that assures that the viewing experience will, within
reason, conform to the page author's intent. In the U.S., warranties of
merchantibility, fitness for use, and acceptability don't even have to be
stated in product literature because they're embodied in law and they apply
even if a browser's lit doesn't mention HTML per se. Since Windows is sold with
the browser included as an inducement to buy, the same warranties would likely
require something like HTML compliance for Win. When computers are sold with
Win as an inducement to buy, the same principle applies to the computer as a
whole with Win and IE. And if Microsoft or a competitor wants to announce that
they'll no longer support HTML, which they can, without a replacement feature
their business would likely plummet. So, while not ironclad, HTML is part of
the law governing browsers.

Providers like Google and Microsoft are not utilities entitled to monopolize
under U.S. law so as to justify regulating their services more closely. Thus,
if the user-agent link-adding is lawful, they may carry advertisements on these
services and that's not generally anticompetitive. Thus, it makes sense for a
business to block a competitor's ads from appearing as if from the first
business's website. But without information on who is advertising when, they
need to be able to block all such activity.

If I want to read an article in a major magazine, I may get the magazine in
hard copy or find an online site from the magazine's publisher. I may also go
to a third-party provider of magazine articles, such as EbscoHost, ProQuest, or
Nexis. We do not expect them to rewrite the articles (although they may if,
say, an original publisher was sued for libel and saw fit to order changes by
all reproducers, not to mention errors due to optical scanning of text (OCR)).
In general, they don't modify them and that fits our use expectations. That
kind of expectation applies to most Web content as seen in our browsers.

Framing is a technology that presents a similar problem. While one author's
frame around another author's work may be clear as to distinction of content
ownership, it may be not at all clear, and a frame may even have no visual
border at all. U.S. laws such as that against unfair competition and
misrepresentation provide some protection, but the shortage of protection is
why some sites use legal terms to forbid framing, probably not very
successfully. However, the problem count is smaller since, to my knowledge,
framing isn't done by user agents but by single sites. Browsers and toolbars
raise the scale and the need.

On HTML's role in security attacks via the mark tag, you're probably right, but
I'll get a bit technically legal here in support of a small rewording: HTML5's
role in a security breech would come if it grants permission to system
designers, as I saw in this statement: "Another example of the mark element is
highlighting parts of a document that are matching some search string. If
someone looked at a document, and the server knew that the user was searching
for the word 'kitten', then the server might return the document with one
paragraph modified as follows: . . . . <mark>kitten</mark> . . . ." Section
4.6.7. That looks like permission for the server to interject markup into a
byte stream. Given that many people in large organizations view outside
websites in a way that involves at least two servers per visit, one hosting and
others not, the section seems to be permission for any nonhost server to sell
advertising or comment on content as if it's the author's commentary. Thus, the
security breech would be furthered by HTML as permission. However, as I didn't
find any reference in the document to any server that wasn't acting on a served
document somehow as authorized, e.g., by checking a certificate, if you're
right that the intent was not as I feared, then we should propose rewording the
HTML standard before finalization so only the site owner's server might mark
the string if nonowners are to be conformant.

I'm not an attorney and laws vary by nation and circumstance, but if you
believe there's any error in the above please let us know.

That some services come with conditions that are user-approved is legally true
but not with users' knowledge in most cases. People rarely read terms of
service. Intelligent people rarely read them. Lawyers rarely read them. They
rarely read them even when installation cannot proceed until an option to agree
has been clicked on and probably even if scrolling to the end of the terms is
prerequisite. (I wonder if most computer geeks read them.) I read or skim them
but many people consider me weird, strange, eccentric, etc. Who has liability
(quality of notice is a little-discussed legal issue in U.S. law) is one
question. Whether the user has actual knowledge and not just a duty to know is
another question. Because of the huge numbers of users involved and their
reliance on what they find on the Internet, I think we should be on the side of
recognizing that the lack of actual knowledge on the part of most users,
including intelligent users, should lead us to be cautious on how legal rights
of other parties should be handled.

Institutional intermediaries present another problem. A public library offers
computers requiring little more than a library card for access (a library card
in my city requires little more than a piece of mail as proof of residence).
Recently, a major library disabled access to ads appearing on certain sites. I
could still access my email account but ads sent by other servers to the email
inbox were blocked. A staff aide said the library did the blocking. I do recall
a user not knowing that a banner graphic was an ad. (Yahoo seems to have made
distinguishing top-of-page sponsored links from search results more subtle.) In
short, many people use computers under other parties' control and don't know
that content may be changed. They think they're seeing the Internet and
assurance should be provided that they're likely seeing what the page authors
intended unless the user has taken extra steps to diverge, as a disabled user
might when wanting high-contrast layouts. Natural-language translation services
I've seen generally effectively use an opt-in system.

Links being graphically different according to function is inadequate when many
sites make their links graphically different for no reason other than
aesthetics, thus effectively teaching users that links being graphically
different has no meaning, or, more realistically, that it often has no meaning,
when the thing over there is just a link. That occurs not only on leading-edge
designs with few non-specialist visitors but also on major high-traffic
high-visitor-count high-amateur-visitor-count corporate sites. That occurs
despite usability advice to use standard looks for links. It occurs often.

I develop on Win9x partly because I'm a cheapskate (and they're licensed) but
also because anything developed on older versions is likely to work on newer,
unlike the inverse, and I've tested already-uploaded websites at public
terminals with newer Win. Wine is in a cat-and-mouse game with Microsoft and MS
is pretty well able to keep its quarry in a mousehole just by staying ahead on
specs without telling the Wine programmers, who must keep looking at the latest
MS versions and thus can't spend as much time fine-tuning compatibility with
older versions. I wish otherwise. Open source is better quality. MS has the
right to be proprietary and could outperform OSS if MS put its managerial mind
to it, but they're too busy trying, inter alia, to hijack our content, thus the
request for a means to block Activities or whatever they want to call them
next. I noticed that the instruction offered by MS on their website on how to
block Smart Tags was apparently no longer on their website, but only on
third-party websites. While MS has a rational reason for its removal, namely
that it was relevant only to a beta release and they don't support beta
releases after their time has passed, they should have left it up and should
assure similar tools for future technologies will be provided from the
beginning.

I'm perfectly capable of creating an ordinary link from a book title on my own
site to a bookstore's online offer, or from an address to a map. If I don't
serve my visitors very well, I risk losing my visitors. That risk should be
left to me, as the site owner. I do not care for Microsoft's paternalism.

-- 
Nick
================================================================================
 #3   Nick Levinson                                   2009-04-04 22:42:58 +0000 
--------------------------------------------------------------------------------
A partial solution may have been instituted, first by Microsoft applicable to
Internet Explorer 5 and later and then by HTML 5: the attribute
oncontextmenu="return false" added to the body element or any, maybe every,
other element.

Credit goes to a Usenet poster
(<http://groups.google.com/group/microsoft.public.internetexplorer.general/browse_thread/thread/cf6f11a21ebb0a04>).
I did suggest at a website forum on Web authoring the possibility of testing to
verify that this works, but haven't heard back. (I don't have a platform for
IE8.)

What this is supposed to do is block the context menu. If IE8 Accelerators are
only in the context menu and not in any other menus, fine. If they're also
elsewhere, then the attribute is not good enough. Since the feature is in IE8
Beta, possibly MS will use the final release to put Accelerators into a regular
menu in addition, thus defeating the attribute value. Also, if the context menu
has any other command that's not an Accelerator but also is not in the menubar
menus, then this attribute value may be excessive. And if IE8 has or will have
two context menus, one for Accelerators and the other for other commands, the
Accelerators context menu may not respond to this attribute value.

It also doesn't meet the legal need for an all-platform all-UA all-tool method,
so that anyone claiming compliance has to offer website authors a way to block
any similar technology.

If left to a proprietor, say, Microsoft, I'm concerned they'll want to punish
us, like they tried to do to people who wanted to use non-MS software with Win,
in this case by disabling much more than just Accelerators by making their
browser noncompliant apart from Accelerator absence.

So we still need a brand-independent method.

Thank you.

-- 
Nick
================================================================================
 #4   Nick Levinson                                   2009-04-05 02:48:22 +0000 
--------------------------------------------------------------------------------
The <mark> discussion is now in Bug 6774. Discussion here has been quoted
there.

Thank you.

-- 
Nick
================================================================================
 #5   Ian 'Hixie' Hickson                             2009-06-28 10:17:24 +0000 
--------------------------------------------------------------------------------
It is intended that users be able to do whatever they like (locally) to an HTML
page, including using a tool that adds links if they feel like it.

They are not generally allowed to redistribute the work due to copyright law,
but the legal system should be used to enforce that. Technical solutions can't
be used, since they can be trivially circumvented.
================================================================================
 #6   Nick Levinson                                   2009-06-28 20:24:11 +0000 
--------------------------------------------------------------------------------
Yes, users can and should be allowed to as now, as long as they know they're
doing it.

The problem is that many don't know. A majority will likely think it's part of
the website owner's content. Most users are amateurs. They don't know how to
tell links apart for ownership, especially after so many well-reputed sites
apply unusual link styles.

If something is illegal and should be, technical means are a legitimate
complement to the judiciary. Microsoft isn't about to sue every illegal copier
of its OS but does use activation, numbering, and other technical means.
Password access to many websites such as part of Google's is a complement to a
law against unauthorized entry.

While a narrowly-drawn rule and a general principle both often can be gotten
around, each has its strengths. In commerce, laws against fraud and
misrepresentation often work successfully even before supplementation with
specific laws, and have the strength of working against newly invented
misdeeds.

I imagine some Joe's Fly-By-Night Mortgage Broker advertising on the U.S.
Treasury Department's website or the old Union Bank of Switzerland's website
without Treasury or UBS knowing about it and the visitor thinking Joe's cheap
loans are endorsed by an important government agency or a really big bank.
Since the technology would allow a browser maker to sell ads through too-subtle
links, the user wouldn't usually know the difference and the website owner
wouldn't know it's going on till they hear from small borrowers with
complaints.

Intermediate control further deprives the end user of control. Some
institutions disable some browser commands or alter Web pages as they arrive at
terminals without user input (other than entering a URL). So even some users
who are computer-savvy lack control against third-party edits.

Can we come up with something for HTML5 that technologically protects website
owners while letting users who intentionally change their copies still do so?

Thanks.

-- 
Nick
================================================================================
 #7   Ian 'Hixie' Hickson                             2009-06-28 21:02:49 +0000 
--------------------------------------------------------------------------------
There is no way for a third party to modify a page on another server. We don't
need to add anything to prevent that because it is already prevented. If it
wasn't, the Web would have collapsed years ago.
================================================================================
 #8   Nick Levinson                                   2009-06-29 03:32:25 +0000 
--------------------------------------------------------------------------------
The technical round-up is at Bug 6774, Comment #10
(http://www.w3.org/Bugs/Public/show_bug.cgi?id=6774#c10).

That a collapse has not occurred is a testament to law's power and
persuasiveness. Rewriting is generally illegal without permission. Now there
would be legal permission. Sale of computers that include OSes and browsers for
purposes stated by customers (e.g., browsing the Internet), thus implying the
offer of standards compliance when that's necessary to fulfill a stated
purpose, generally incur the warranty of fitness for a particular use, which in
many places is not disclaimable notwithstanding EULAs and contracts. If one of
those standards says it's okay for a user's computer to mark other people's
sites up, then third-party markup at those computers being sold will be
allowed.

While MS won't seek to destroy its bread and butter, it won't try to sell ads
so profligately that few people visit the Web anymore, the way some other
Internet services have been abused and then lost popularity. But if you visit
MIT's website and can't be sure that you're looking at MIT's content, the Web's
value in general will shrivel. Delivering website content as site owners'
intend will aid Web safety and content richness.

Thanks.

-- 
Nick
================================================================================
 #9   Ian 'Hixie' Hickson                             2009-06-29 05:10:35 +0000 
--------------------------------------------------------------------------------
No, that's wrong on two counts. One, HTML5 doesn't change the legal status of
this whatsoever, and two, it really already isn't possible. The reason no
collapse has occurred is that it isn't possible, not that it isn't legal --
plenty of people try incredibly hard to do it every single day. In fact there
is an entire industry set up around exploiting the few bugs that sometimes get
out that allow it in some way (known as cross-site scripting).
================================================================================
 #10  Nick Levinson                                   2009-06-29 09:25:19 +0000 
--------------------------------------------------------------------------------
(Correcting minor errors in my last post: "While" should have been "Because"
and "owners'" should have been a plural, not a genitive.)

=====

HTML5 changes the legal status by granting permission where none was before. If
it was before, I must have missed it; can anyone cite any provision of HTML
4.01 or XHTML 1.0 that grants a third party any permission to change what
people see of a site without the owner's consent? If not, then this is new.

Cracking, spamming, phishing, DDoS, etc. is a large industry underground, but
is dwarfed by aboveground industry. McMafia, a book by a former BBC reporter,
reports that the underground economy adds about 20-25% to gross world product;
the U.S. Internal Revenue Service (the principal tax collectors) has estimated
about 10% of the national economy is illegally unreported. If most of the
world's economy was suddenly run by major felons, a widely spread-out Internet
would be hopelessly corrupted, with standards being vague, backbone operators
bribed, etc. It's mostly not; that's hardly ever even alleged. Criminals tend
to stay away from audit trails unless they have a confederate; abovegrounders
tend to fix them. Most of the world acts approximately legally. Legal
permissions have real effects. When telecom companies in the U.S. came up with
the bad idea that was defeated through the net neutrality movement, the
telecoms came up with that within a few weeks of gaining the legal permission
that was prerequisite. Once the legal permission for third-party markup is
present, aboveground industry will gradually split between those wanting mainly
to exploit it and those needing mainly to defend themselves and their sites as
perceived by innocent users.

Thanks.

-- 
Nick
================================================================================
 #11  Ian 'Hixie' Hickson                             2009-06-29 09:48:26 +0000 
--------------------------------------------------------------------------------
> HTML5 changes the legal status by granting permission where none was before. If
> it was before, I must have missed it; can anyone cite any provision of HTML
> 4.01 or XHTML 1.0 that grants a third party any permission to change what
> people see of a site without the owner's consent? If not, then this is new.

HTML5 doesn't grant (or deny) any such permission, nor does HTML4.
================================================================================
 #12  Nick Levinson                                   2009-06-30 07:56:45 +0000 
--------------------------------------------------------------------------------
HTML5 grants and denies permissions and imposes requirements, or will when in
effect. "Elements . . . in HTML are defined (by this specification) to have
certain meanings (semantics). . . ."/"Authors must not use elements . . . for
purposes other than their appropriate intended semantic purpose." Section
3.3.1. In that context, section 4.6.7, saying what the mark tag "represents",
grants permission for its representation, and gives "highlighting parts of a
document that are matching some search string . . . . [i]f someone looked at a
document, and the server knew that the user was searching for the word
'kitten', then the server might return the document with one paragraph modified
[with "kitten" enclosed in the mark element]" as a positive example.

The consequence of violation of HTML5 is being noncompliant with the standard,
once functionally finalized and adopted. Noncompliance is in degrees. Being
noncompliant is a problem for the UA maker and offerer and for the computer
maker and offerer who includes the UA to meet a customer's stated needs. To the
extent Web browsing requires HTML, the UA and computer offerers must make their
product comply with an HTML standard. Flexibility is allowed but not unlimited.
That's already law.

W3C as a standards creator (if not by contract) has much more room. If the
standard meets a need, it may be relied on by those with the legal duties. If
not, a computer maker can stop providing the product or find another solution,
e.g., another standard. Or they can become noncompliant in order to meet
customers' needs. That would make a standard increasingly irrelevant,
encouraging development of another standard.

The same general rule applies to a customer whose stated use is to create or
host a website. Standards compliance is already a legal matter there, too.

HTML, v5 or earlier, as a markup language, is already a collection of
requirements, permissions, proscriptions, and silences that collectively
already have legal effect. If W3C ignores that and goes contrary to legal needs
of others, it risks irrelevance. Thus, the concern is with the mark kitten-type
permission. Within compliance, the mark standard will give permission for
misuse.

Thanks.

-- 
Nick
================================================================================
 #13  Ian 'Hixie' Hickson                             2009-06-30 11:07:02 +0000 
--------------------------------------------------------------------------------
The text you quote regarding <mark> is talking about the originating server.
That's the one controlled by the author. If we don't let the author modify his
own document, how is he going to write any documents at all?
================================================================================
 #14  Nick Levinson                                   2009-07-01 09:02:32 +0000 
--------------------------------------------------------------------------------
There's no objection  to the website owner marking up their own pages with all
uses of the mark tag and other tags.

I was responding to the view that HTML5 would neither give or deny permission
for anything relevant. I was showing that it would. I agree with most of those
permissions and denials, including most of those associated with the mark tag,
and was focusing attention on just one permission.

A specific proposal on the mark element is at
<http://www.w3.org/Bugs/Public/show_bug.cgi?id=6774#c16>.

Thanks.

-- 
Nick
================================================================================
 #15  Nick Levinson                                   2009-07-01 09:13:24 +0000 
--------------------------------------------------------------------------------
There's no objection  to the website owner marking up their own pages with all
uses of the mark tag and other tags.

I was responding to the view that HTML5 would neither give or deny permission
for anything relevant. I was showing that it would. I agree with most of those
permissions and denials, including most of those associated with the mark tag,
and was focusing attention on just one permission.

A specific proposal on the mark element is at
<http://www.w3.org/Bugs/Public/show_bug.cgi?id=6774#c16>.

Thanks.

-- 
Nick
================================================================================
 #16  Nick Levinson                                   2009-07-01 09:32:22 +0000 
--------------------------------------------------------------------------------
Sorry about the dupe. The ack page was incomplete (probably network break), I
refreshed, okayed resending post data, got a nak due to midair collision of
comment with itself, thought midair meant neither one had appeared yet,
submitted my change, and now I don't see how to get the 2d out. Oh, well.

-- 
Nick
================================================================================
 #17  Ian 'Hixie' Hickson                             2009-08-08 01:42:32 +0000 
--------------------------------------------------------------------------------
I really don't understand this bug report, sorry. Could you briefly but
precisely specify what you think should be changed?
================================================================================
 #18  Nick Levinson                                   2009-08-14 15:11:19 +0000 
--------------------------------------------------------------------------------
I propose this for HTML5, based on W3C Working Draft of 23 April 2009
(http://www.w3.org/TR/html5/single-page/) and the editor's draft
(http://www.w3.org/html/wg/html5/ redirecting to
http://dev.w3.org/html5/spec/Overview.html), both as accessed 8-12-09--8-13-09:

In section 2.2, insert these paragraphs immediately after the Note and before
the paragraph on categories of UAs ("User agents fall into several
(overlapping) categories . . . .") and preferably assign a subsection number
(also subsectioning the rest of the section):

"User agents must render a conformant document consistently with the author's
intent represented by the document and its style, except to the extent
otherwise chosen by the user. This may allow a range of renderings for a single
document; if so and to that extent, the user agent must render a conformant
document in a way that is consistent with the author's intent represented by
the document and its style, except to the extent otherwise chosen by the user.

"Interactivity must be rendered so that the user sees the state of all
interactive controls before any change resulting from interactivity. User
agents must not assume the user's intent except to the extent otherwise chosen
by the user.

"With respect to such rendering of conformant documents and of such
interactivity, each such choice by a user shall be clear to the user even if
the user is an ordinary user. Considering the user as an individual, if such a
choice is made by an individual other than the user or, if permitted under this
specification, by the user agent, each such choice and the distinction from the
absence of all such choices shall be clear to the user even if the user is an
ordinary user. A user agent's capability to make each such choice clear must
not be capable of being disabled.

"Submission of a form must be with the postcompletion consent of the user
treated as an ordinary user. Such postcompletion is after completion or
operation of one or more controls or, if completion or operation of every
control is optional, after an opportunity to, at the user's immediate option,
manually complete or operate or autocomplete or auto-operate all controls even
if none are completed or operated.

"An ordinary user is an individual or other user who has only minimal knowledge
of the sum of how computers, user agents, networking, the Internet, the World
Wide Web, websites, scripts, markup, HTML, XHTML, and styles work. The ordinary
user may have more than minimal knowledge, and may have great knowledge in
noncomputer subjects, but must not be expected to. For example, almost no
ordinary user has knowledge of any relevant promulgated standards but may
instead base their knowledge on limited practical experience with one user
agent and various websites without knowing which ones are standards-compliant
and which are not. Because many websites that are frequented by ordinary users
have a variety of appearances not specifically sanctioned by any publicly
disseminated standards or specifications, an ordinary user must not be expected
to know that a new design has a new meaning, unless that new meaning is clearly
explained to that user at the time of exposure or soon before. An ordinary user
must not be expected to be familiar with computer or user agent features,
including features that provide help and menu commands, since, for ordinary
users, many such features may have been disabled or placed beyond reach by an
institution permitting use of a computer.

"Absent such a choice by a user, for all documents having the same HTML markup
such a rendering shall be uniform over time across all such documents
regardless of website and for all documents lacking any HTML markup such a
rendering shall be uniform over time across all such documents regardless of
website."

In section 10, in general, merely expecting a rendering to reflect the page
author's intent is not enough. Rather than expect, require. I propose editing
section 10 accordingly.

Thank you.

-- 
Nick
================================================================================
 #19  Nick Levinson                                   2009-08-14 15:24:27 +0000 
--------------------------------------------------------------------------------
About the above proposal:

Ordinary users include neophytes and would be accommodated while preserving
access to all website content and while supporting advanced users. The ordinary
user is distinguished from the average user, because the average user is about
half way up the scale of expertise. Under an average, half of all users lack
their skill and understanding, which makes them especially vulnerable to being
misled or defrauded, and they are a common target. Supporting Web popularity
requires usability for a wider group of potential users, including infrequent
users, children, older people who never learned the Internet, and single-site
users who are visiting new sites. On the other hand, a user has to be assumed
to have at least a little computer skill, as it's probably impracticable to
design a UA for users with no knowledge and users who know nothing are usually
being guided and taught or aren't allowed on the machines.

The proposal will allow a UA to offer and apply multiple style sheets to all
websites. Where its styling is consistent with author intent, the UA maker
won't have to explain its characteristics in words to users; thus, proprietary
makers may stay that way and preserve their trade secrets. A human being may
set their browser and enjoy the Web as they wish, including for entertainment,
security, accessibility despite disabilities, coping with illiteracy, and
technical compatibility. A disabled user may have institutional assistance; for
example, a hospital can modify all their browsers so visually-impaired patients
can use the styling they prefer. A corporate employer may configure a uniform
style, such as a limit of two fonts, for all sites being viewed, and so may a
custodian of people, such as a parent of minor children or a prison warden.

A browser may autocomplete an HTML form, but only after rendering it, since
this provision regulates how content is rendered. Form fields can be rendered
as the original page owner prefers before being autofilled or manually filled.
A user may opt for autofilling without ever seeing the form, as far as this
provision is concerned, as long as the option is clear even to a low-skill
user. The same applies to all other controls within a form.

Where a page author is vague about how a document should be rendered, the UA
has all the choices that implies, subject to a requirement for uniformity of
interpretation of similar vaguenesses across all websites and over time, and
subject to user choices.

An original page owner is free to do as they wish under this provision. Many
manipulations will be allowed if even a low-skill user understands they're not
part of the original page and opts for those manipulations. For example, a page
owner may include scripts, may redirect, and may respond differently to
different browsers and different referers with different content. An original
page owner may even contract with a UA maker to permit unfamiliar links
supporting ad sales, custom search results, and anything else they agree on as
if the original page owner designed the page that way.

What this forbids is anyone lacking the original page owner's permission
selecting particular websites or website content, such as certain words, and
applying a style, graphic, or sound to the rendering or in transmission (i.e.,
after departure from the original server) in a way that most users would think
is being done by the original page owner. Thus, for example, because a
double-underline for a link to a browser-generated ad with different ownership
is too subtle for most users, the UA adding that to a page is forbidden. With
respect to most users, the same is true of context menu commands that are
unique to portions of content when ownership of what the context menu generates
is not that of the website being viewed. This would also reduce the number of
ownership-confusing technologies that might arise in the future.

Thank you.

-- 
Nick
================================================================================
 #20  Nick Levinson                                   2009-09-12 22:06:25 +0000 
--------------------------------------------------------------------------------
When requiring accurate rendering by a UA, an acceptable exception would be
where the UA states on screen that it is not. This supports artistic,
experimental, and other nonstandard renderings. The ability to provide the
notice must not be subject to an on/off setting the user does not control.

Rendering that is consistent with CSS or that is subject to no UA-independent
definition anywhere (viz., in a standard or a promulgated style) should be
considered accurate if it is rendered reasonably.

Thanks.

-- 
Nick
================================================================================
 #21  Ian 'Hixie' Hickson                             2009-09-22 08:35:24 +0000 
--------------------------------------------------------------------------------
> In section 2.2, insert these paragraphs immediately after the Note and before
> the paragraph on categories of UAs ("User agents fall into several
> (overlapping) categories . . . .") and preferably assign a subsection number
> (also subsectioning the rest of the section):
> 
> "User agents must render a conformant document consistently with the author's
> intent represented by the document and its style, except to the extent
> otherwise chosen by the user. This may allow a range of renderings for a single
> document; if so and to that extent, the user agent must render a conformant
> document in a way that is consistent with the author's intent represented by
> the document and its style, except to the extent otherwise chosen by the user.

This is already required by the spec.


> "Interactivity must be rendered so that the user sees the state of all
> interactive controls before any change resulting from interactivity.

That doesn't seem compatible with what pages rely on.


> User
> agents must not assume the user's intent except to the extent otherwise chosen
> by the user.

I have no idea how one would test this.


> "With respect to such rendering of conformant documents and of such
> interactivity, each such choice by a user shall be clear to the user even if
> the user is an ordinary user.

I have no idea what this means.


> Considering the user as an individual, if such a
> choice is made by an individual other than the user or, if permitted under this
> specification, by the user agent, each such choice and the distinction from the
> absence of all such choices shall be clear to the user even if the user is an
> ordinary user. A user agent's capability to make each such choice clear must
> not be capable of being disabled.

What is this trying to say?


> "Submission of a form must be with the postcompletion consent of the user
> treated as an ordinary user. Such postcompletion is after completion or
> operation of one or more controls or, if completion or operation of every
> control is optional, after an opportunity to, at the user's immediate option,
> manually complete or operate or autocomplete or auto-operate all controls even
> if none are completed or operated.

I seriously have no idea whatsoever what this means.


> "An ordinary user is an individual or other user who has only minimal knowledge
> of the sum of how computers, user agents, networking, the Internet, the World
> Wide Web, websites, scripts, markup, HTML, XHTML, and styles work. The ordinary
> user may have more than minimal knowledge, and may have great knowledge in
> noncomputer subjects, but must not be expected to. For example, almost no
> ordinary user has knowledge of any relevant promulgated standards but may
> instead base their knowledge on limited practical experience with one user
> agent and various websites without knowing which ones are standards-compliant
> and which are not.

It seems highly unusual to write conformance criteria which depend on the
education of the user.


> Because many websites that are frequented by ordinary users
> have a variety of appearances not specifically sanctioned by any publicly
> disseminated standards or specifications, an ordinary user must not be expected
> to know that a new design has a new meaning, unless that new meaning is clearly
> explained to that user at the time of exposure or soon before.

I guess this is saying "Users might not understand things they haven't seen
before"? If so, that seems obvious and it would not be necessary for us to say
it explicitly.


> An ordinary user
> must not be expected to be familiar with computer or user agent features,
> including features that provide help and menu commands, since, for ordinary
> users, many such features may have been disabled or placed beyond reach by an
> institution permitting use of a computer.

This is definitely out of scope for the HTML5 specification.


> "Absent such a choice by a user, for all documents having the same HTML markup
> such a rendering shall be uniform over time across all such documents
> regardless of website and for all documents lacking any HTML markup such a
> rendering shall be uniform over time across all such documents regardless of
> website."

I don't understand what value this adds to the specification.



I disagree with the premise of the request — user agents should be allowed to
render things however they like, so long as it is consistent with the
document's semantics.

If you disagree with this, please escalate this to the working group chairs.
================================================================================
 #22  Nick Levinson                                   2009-10-11 22:05:44 +0000 
--------------------------------------------------------------------------------
> I disagree with the premise of the request â?" [sic]
> user agents should be allowed to render things however
> they like, so long as it is consistent with the
> document's semantics.

f the spec were to require consistency with semantics, that would help, but
secton 11 (formerly 10) lets them off of that hook. It only expects; it doesn't
require semantic consistency.

> This [rendering conformant with the author's intent
> except as the user otherwise chooses] is already
> required by the spec.

Section 11 makes it an expectation, not a requirement, creating a loophole in
standards compliance and, I think, overcoming section 2.

>> [From my proposal to amend section 2.2:]
>> [". . . .] User agents must not assume the user's
>> intent except to the extent otherwise chosen by the
>> user.[ . . . . ."]

> I have no idea how one would test this.

A UA needn't know (test for) the difference; it could simply default. And it
could use local history to assume more about a user's wishes. Forms shouldn't
be edited according to a UA's assumptions about what a user would like, such as
by gratuitously filling in fields or editing spelling. Not every spelling
correction is itself correct, and it can change meanings.

I'm anticipating because that's already done in a word processor and the same
manufacturer's UAs already add content to websites as received without
distinguishing ownership or asking the site owners. While MS Word isn't a Web
app, MS makes browsers that add apparent content to what users perceive, and MS
Word used to have an author field it auto-filled without my even knowing about
it, and which I had to empty every time I did a save-as lest my copyright be
jeopardized (it was at a public terminal and MS declared the computer owner as
the author of my work). So I anticipate MS will start filling in some forms
without telling us, if it suits their advertisers.

I probably shouldn't have used the word "otherwise". If that's what's throwing
you off, that's my fault. The point is that a user should decide what a user
puts into a form. An autofill feature should be under the user's opt-in
control.

>> "Interactivity must be rendered so that the user
>> sees the state of all interactive controls before
>> any change resulting from interactivity.[ . . . ."]

> That doesn't seem compatible with what pages rely on.

Pages rely on a user's input, including a user's acceptance of a default. UA
designers who believe they can add features to a page as the user receives it,
e.g., double-underlining to signify another owner's content, presumably can
fill in forms as if the user wanted that done, also without asking. The page
form author determines a default state; the UA shouldn't assume that a user
wants another state before the user has rejected the page author's default, nor
should the UA accept a form without the user affirmatively accepting the form.

>> "With respect to such rendering . . ., each such
>> choice by a user shall be clear to the user even
>> if the user is an ordinary user.[ . . . ."]

> I have no idea what this means.

Subtleties have gone too far, in that most users can't tell the difference
between the website and the UA's overlay, and thus between different owners'
content, but think it's all part of the website. That should be banned, and the
ownership distinguished so the user knows, even if the user lacks an advanced
understanding of Web design.

>> [". . . .] Considering the user as an individual,
>> if such a choice [of page or form rendering] is made
>> by an individual other than the user or, if permitted
>> under this specification, by the user agent, each such
>> choice and the distinction from the absence of all such
>> choices shall be clear to the user even if the user is
>> an ordinary user. A user agent's capability to make each
>> such choice clear must not be capable of being
>> disabled.[ . . . ."]

> What is this trying to say?

If an intermediary, such as a computer provider who lets the public use it or
an employer, or a UA makes choices, the user should know, and the ability of
the UA to tell the user should not be susceptible to being turned off. Choices
that are not made by the user or the website owner should be clear to the user,
but sometimes they're not, and that shouldn't be allowed.

>> "Submission of a form must be with the postcompletion
>> consent of the user treated as an ordinary user. Such
>> postcompletion is after completion or operation of one
>> or more controls or, if completion or operation of
>> every control is optional, after an opportunity to,
>> at the user's immediate option, manually complete or
>> operate or autocomplete or auto-operate all controls
>> even if none are completed or operated.[ . . . ."]

> I seriously have no idea whatsoever what this means.

The UA shouldn't assume what we want to do with a form. Users decide. The UA
should only carry out the user's decision or else the UA should not do
anything.

>> "An ordinary user is an individual or other user
>> who has only minimal knowledge of the sum of how
>> computers, user agents, networking, the Internet,
>> the World Wide Web, websites, scripts, markup,
>> HTML, XHTML, and styles work. The ordinary user
>> may have more than minimal knowledge, and may have
>> great knowledge in noncomputer subjects, but must
>> not be expected to. For example, almost no ordinary
>> user has knowledge of any relevant promulgated
>> standards but may instead base their knowledge on
>> limited practical experience with one user agent
>> and various websites without knowing which ones are
>> standards-compliant and which are not.[ . . . ."]

> It seems highly unusual to write conformance criteria
> which depend on the education of the user.

Yes, but HTML5 does recommend clarity to the user in two sections. What's clear
to a user depends on the user's education.

"When the ping attribute is present, user agents should clearly indicate to the
user that following the hyperlink will also cause . . . ." Section 6.12.2.1
(hyperlink auditing).

"This specification does not specify how to distinguish between the main
content of a document and content that is not deemed to be part of that main
content. The distinction should be made clear to the user. . . . . In this case
the license applies to just the photo (the main content of the document), not
the whole document. In particular not the design of the page itself, which is
covered by the copyright given at the bottom of the document. This could be
made clearer in the styling (e.g. making the license link prominently
positioned near the photograph, while having the page copyright in light small
text at the foot of the page." Section 6.12.3.9 (link type license).

While both HTML 5 and 4.01 say little about being clear to a user, much of the
semanticism and the requirement that page authors stay within semantic
boundaries would seem to serve only three major purposes in cases where a UA
otherwise would render semantically-violating elements identically: clarity to
search engine indexers and, when CSS is supported appropriately, clarity to
nondsabled users and clarity to users with disabilities.

>> [". . . .] Because many websites that are
>> frequented by ordinary users have a variety of
>> appearances not specifically sanctioned by any
>> publicly disseminated standards or
>> specifications, an ordinary user must not be
>> expected to know that a new design has a new
>> meaning, unless that new meaning is clearly
>> explained to that user at the time of exposure
>> or soon before. [. . . ."]

> I guess this is saying "Users might not understand
> things they haven't seen before"? If so, that seems
> obvious and it would not be necessary for us to say
> it explicitly.

It's saying more. When ownership of apparent content requires advanced
computeracy to discern, a browser maker and its advertisers can mislead and
open up to fraud. In effect, we're getting misattribution of Web content
through double-underlining and context menu additions because users aren't
being educated about these little things that make all the difference, and the
UA maker should have the burden of explaining the differences or not
implementing them, unless the website owner wants them.

Subtlety is relative to knowledge. Under an ordinary-user norm of
understanding, IE8 Accelerators would be noncompliant.

Of course, innovation is generally good and users should learn more about using
the Web. But new users are legion and will be for years, and many or most users
are infrequent or specialized in what they do online and so we have to accept
that most users don't have advanced sensitivities to how Web design stands. UAs
should not treat them as vessels for other agendas.

>> [". . . . .] An ordinary user must not be
>> expected to be familiar with computer or user
>> agent features, including features that provide
>> help and menu commands, since, for ordinary users,
>> many such features may have been disabled or
>> placed beyond reach by an institution permitting
>> use of a computer. [. . . ."]

> This is definitely out of scope for the HTML5 specification.

Usability is important not only because unusable sites tend to be abandoned and
fail their purposes, but also because subtlety is being employed to hold users
by misleading them about whose content they're looking at.

HTML correctly imposes requirements on page authors. It may also impose on UA
designers as to rendering for usability. Not allowing help to be disabled would
be an example.

>> "Absent such a choice by a user, for all documents
>> having the same HTML markup such a rendering shall
>> be uniform over time across all such documents
>> regardless of website and for all documents
>> lacking any HTML markup such a rendering shall be
>> uniform over time across all such documents
>> regardless of website."

> I don't understand what value this adds to the
> specification.

Consistency. A UA couldn't favor some sites or times over other sites or times.
That prevents their getting around the main restrictions by a claim that every
site or session is unique.

> If you disagree with this, please escalate this
> to the working group chairs.

I will consider your suggestion.

Thank you.

-- 
Nick
================================================================================
 #23  Nick Levinson                                   2009-10-14 16:10:02 +0000 
--------------------------------------------------------------------------------
Three corrections to my last comment above are that in the first nonquotation
paragraph, the opening "f" should be "If" and, thereafter, "secton" should be
"section" and "nondsabled" should be "nondisabled", all per my original intent.

Thanks.
================================================================================
 #24  Maciej Stachowiak                               2010-03-14 13:16:56 +0000 
--------------------------------------------------------------------------------
This bug predates the HTML Working Group Decision Policy.

If you are satisfied with the resolution of this bug, please change the state
of this bug to CLOSED. If
you have additional information and would like the editor to reconsider, please
reopen this bug. If you would like to escalate the issue to the full HTML
Working Group, please add the TrackerRequest keyword to this bug, and suggest
title and text for the tracker issue; or you may create a tracker issue
yourself, if you are able to do so. For more details, see this document:
   http://dev.w3.org/html5/decision-policy/decision-policy.html

This bug is now being moved to VERIFIED. Please respond within two weeks. If
this bug is not closed, reopened or escalated within two weeks, it may be
marked as NoReply and will no longer be considered a pending comment.
================================================================================
 #25  Nick Levinson                                   2010-03-28 18:29:33 +0000 
--------------------------------------------------------------------------------
*** Bug 6774 has been marked as a duplicate of this bug. ***
================================================================================
 #26  Nick Levinson                                   2010-05-12 16:47:02 +0000 
--------------------------------------------------------------------------------
I'm closing this (and removing the NoReply keyword). I'm thinking of another
approach to the problem.

Additional points:

--- It's a contradiction to create a new user interface method for common use,
not explain it, and expect users to be responsible for its correct use or
nonuse.

--- It's likewise a contradiction for an HTML standard to hold site owners and
designers for how UAs reinterpret sites without notice to owners and designers
(other than notice that UAs can do what they want).

--- And it's a contradiction to require that users be expert users in order to
understand what's going on when new methods are introduced without explanation;
HTML and various other standards are meant to support experts and neophytes in
using the Internet in order to support Internet popularity.

--- A method to block Accelerators and the like should not be punitive, e.g.,
blocking Accelerators should leave the rest of the user's experience intact,
e.g., an entire menu should not be disabled just to disable the Accelerators in
that menu (assuming the rest of the menu is acceptable).

Thank you.
================================================================================

-- 
Configure bugmail: https://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Tuesday, 25 September 2012 22:03:32 UTC