References for "Web User Interaction: Threat Trees" Working Group Note from Susan G. Lesch on 2008-06-11 (public-usable-authentication@w3.org from June 2008)

From: Susan G. Lesch <slesch_mn1@comcast.net>
Date: Tue, 10 Jun 2008 21:20:23 -0700
To: public-usable-authentication@w3.org
Message-ID: <484F5287.40003@comcast.net>

Hello,

In February, a Wikipedia user tagged "Cross-site scripting" [1], one of the 
two Wikipedia sources cited in "Web User Interaction: Threat Trees" [2], 
because the article lacked citations. Thanks to the patience of the article's 
primary author and all of its editors (this took the better part of two 
weeks), XSS is now pretty much cited. I have learned over the years it is best 
to note in security matters that I am not an expert on the topic. Maybe others 
here will have more improvements and corrections.

[1] http://en.wikipedia.org/wiki/Cross-site_scripting
[2] http://www.w3.org/TR/2007/NOTE-wsc-threats-20071101/

Hope this helps,
-- 
Susan G. Lesch, TEXTET
http://www.textet.com/
San Diego, California and Minneapolis, Minnesota, USA
mailto:susan@textet.com

Received on Wednesday, 11 June 2008 04:26:53 UTC