- From: George Staikos <staikos@kde.org>
- Date: Sat, 22 Apr 2006 08:32:43 -0400
- To: "Undisclosed.Recipients": ;
- Cc: public-usable-authentication@w3.org
On Friday 21 April 2006 15:58, Hallam-Baker, Phillip wrote: > A user is a finite state machine, the states being: > > 1) Not suspicious > > 2) Suspicious > > 3) Phished > > 4) Safe > > > I agree that it is pretty hard to raise an event that causes the user to > change state from Not suspicious to suspicious. > > That is not the main point here. What I really want is a way to ensure that > a user who enters the state suspicious reliably ends up in the state Safe. > > At the moment there is no way for the suspicious user to quickly and > effectively determine whether they are under attack or not. I think that's a good point. However it's also important to make sure that the suspicious state occurs before the user even starts to fill a form. Filling a form compromises the data even before the submit button is pressed. -- George Staikos KDE Developer http://www.kde.org/ Staikos Computing Services Inc. http://www.staikos.net/
Received on Saturday, 22 April 2006 12:39:54 UTC