- From: Mary Ellen Zurko <mzurko@us.ibm.com>
- Date: Tue, 9 Mar 2010 07:46:35 -0500
- To: public-webapps <public-webapps@w3.org>
- Message-ID: <OF8479B817.CC33EF79-ON852576E1.0045EE0D-852576E1.004607B7@LocalDomain>
The Web Security Context WG announces the publication transition of Web Security Context: User Interface Guidelines. In the section we asked WebApps to review back in September, 7.4, the only substantive change is the removal of these sentences, since no one implemented them: Web user agents MAY provide mechanisms for users to pre-consent to a class of software installations. Web user agents SHOULD inform the user when web content is installing software outside of the browser environment that is covered by a pre-consent. The WSC WG has resolved to take wsc-ui to its third Last Call on March 3: http://www.w3.org/2010/03/03-wsc-minutes.html#item02 The previous version of this specification was a Candidate Recommendation; this third Last Call serves to seek review of a number of changes made in response to feed-back received during this phase. A draft implementation report will be published along with this Working Draft; the WG anticipates asking for transition to Proposed Recommendation if and when this Last Call concludes successfully. Review ends on on March 30 2009. The requirements for this document can be found in our charter, and in our Note refining the WSC WG objectives for deliverables: http://www.w3.org/2005/Security/wsc-charter http://www.w3.org/TR/wsc-usecases/ The requirements are discussed in more detail in the Status of this Document section. We have sought and received review from the accessibility community and the Web Applications WG for previous iterations of this specification. There are no formal objections. The WSC working groups's patent policy status is at: http://www.w3.org/2004/01/pp-impl/39814/status ========================================================== Web Security Context: User Interface Guidelines W3C Working Draft 9 March 2010 This version: http://www.w3.org/TR/2010/WD-wsc-ui-20100309/ Latest version: http://www.w3.org/TR/wsc-ui/ Previous version: http://www.w3.org/TR/2009/CR-wsc-ui-20091222/ Abstract This specification defines guidelines and requirements for the presentation and communication of Web security context information to end-users. Status of this Document This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/. This is a Last Call Working Draft of "Web Security Context: User Interface Guidelines". Publication of this Last Call Working Draft follows the 22 December 2009 Candidate Recommendation of this specification; changes are based on implementer feedback. A diff document details those changes. The purpose of this Last Call is to solicit community comment on these specific changes. The Working Group anticipates to request transition to Proposed Recommendation once this final Last Call is successfully concluded. The W3C Membership and other interested parties are invited to review the document and send comments to public-usable-authentication@w3.org (with public archive) through 31 March 2010. This document was developed by the Web Security Context Working Group. The Working Group expects to advance this Working Draft to Recommendation Status. To frame its development of this specification, the Working Group had previously published a use case note [WSC-USECASES]. This specification addresses most of the use cases and issues documented in that note by documenting best existing practice, with the following exceptions: This specification does not include advice for web site authors. This specification does not provide advice to address the issue explained in sections 9.1.2 Visually extending the chrome and 9.2.7 Information bar (aka: notification bar). Additionally, section 10.4 Implementation and testing of [WSC-USECASES] articulated an expectation that the recommendations in this specification would be subject to usability testing, at least on a low fidelity level, and that such testing would form part of the Candidate Recommendation exit criteria. Resources available to the Working Group at this point will not permit the group to conduct extensive usability testing. At the same time, the focus of this specification has shifted toward documenting best existing practice. Upon requesting Proposed Recommendation status, the Working Group will present evidence for at least three partial implementations of this specification. In the aggregate, the Working Group expects to demonstrate evidence for at least two conforming implementations of each mandatory to implement feature (i.e., MUST and MUST NOT clauses in the specification), and at least one conforming implementation of each recommended feature (i.e. SHOULD and SHOULD NOT clauses in the specification). A draft implementation report is available. Publication as a Working Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress. This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy. ========================================================== Mary Ellen Zurko for the Web Security Context Working Group
Received on Tuesday, 9 March 2010 12:45:32 UTC