Re: Allow ... centralized dialog up front from Florian Bösch on 2013-02-01 (public-webapps@w3.org from January to March 2013)

From: Florian Bösch <pyalot@gmail.com>
Date: Fri, 1 Feb 2013 13:16:57 +0100
To: Arthur Barstow <art.barstow@nokia.com>
Cc: Webapps WG <public-webapps@w3.org>
Message-ID: <CAOK8ODi=RfRKd0kkZfEEZY6pK=mEOeP7ofe==qjNSk6A=XUAoA@mail.gmail.com>

Section 9.4.3 Poor usability of dialog boxes

Desktop software commonly reports problems through modal pop-up dialog
> boxes. Such dialog boxes frequently appear during normal software use.
> Also, the user is frequently given no reasonable course of action other
> than clicking the OK button. Consequently, users have been conditioned to
> automatically dismiss such dialog boxes, often without even glancing at
> their content. User studies confirm this phenomena also holds for security
> warnings from web browsers


It stands to fairly simple reason that one dialog box to click away stands
a better chance than to click away a myriad of them. My proposal to
introduce an API to make it possible to centralize them has a multitude of
benefits over the status quo such as:

- An application can indicate all its desired APIs and it can indicate
which are optional and which are mandatory to an applications functioning.
- Since the dialog can be triggered up front, before attempting to use any
of these APIs, it will not introduce conflicting or dangerous interaction
patterns (such as fullscreen spoofing)
- Since it is central and up front it can be put squarely in the middle of
the page instead of at the sidelines.
- Since it is not bound by a desire to make it "unobtrusive" it can use the
added screen real estate to make a more understandable dialog.

There is ample precedent for such kinds of dialogs in various single-sign
on services (such as offered by facebook, twitter, google and so on).


On Fri, Feb 1, 2013 at 12:59 PM, Florian Bösch <pyalot@gmail.com> wrote:

> On Fri, Feb 1, 2013 at 12:56 PM, Arthur Barstow <art.barstow@nokia.com>wrote:
>
>> Web Security Experience, Indicators and Trust: Scope and Use Cases
>>  <http://www.w3.org/TR/2008/**NOTE-wsc-usecases-20080306/<http://www.w3.org/TR/2008/NOTE-wsc-usecases-20080306/>
>> >
>>
>
> Yeah, has anybody actually even read that notes TOC, you can scroll
> straight to section 2.6:
> http://www.w3.org/TR/2008/NOTE-wsc-usecases-20080306/#trust-decision-management
>
> No matter how well security context information is presented, there will
>> always be users who, in some situations, will behave insecurely even in the
>> face of harsh warnings. Thus, the Working Group will also recommend ways to
>> reduce the number of situations in which users need to make trust decisions.
>
>

Received on Friday, 1 February 2013 12:17:25 UTC