- From: Close, Tyler J. <tyler.close@hp.com>
- Date: Fri, 8 Dec 2006 16:00:41 -0600
- To: <public-wsc-wg@w3.org>
Is the comment below about IDS-like processing the answer to my question for clarification in <http://lists.w3.org/Archives/Public/public-wsc-wg/2006Dec/0058.html>? So, "code based techniques to detect spoofing attacks" and: "calculations, algorithms, and functions that attempt to determine whether or not an attack is underway" both refer to IDS-like processing being out of scope? Does IDS-like processing mean heuristic based detection? So for example, spam filter like detection of phishing attacks is out of scope? Tyler -----Original Message----- From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Thomas Roessler Sent: Friday, December 08, 2006 10:55 AM To: Mary Ellen Zurko Cc: public-wsc-wg@w3.org Subject: Re: What problems are we trying to solve? Well, in looking at security context information (and how to present it), we might arrive at the conclusion that there is just nothing useful out there in some particular circumstance. That conclusion would be something to document. On the other hand, I agree that the charter doesn't even go near specifying any kind of sophisticated, IDS-like processing of context information. Cheers, -- Thomas Roessler, W3C <tlr@w3.org> On 2006-12-08 08:22:10 -0500, Mary Ellen Zurko wrote: > From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com> > To: Thomas Roessler <tlr@w3.org> > Cc: public-wsc-wg@w3.org > Date: Fri, 8 Dec 2006 08:22:10 -0500 > Subject: Re: What problems are we trying to solve? > X-Spam-Level: > > > when I had first seen your list, I had read that point with an > > emphasis on "discovered an attack", and had thought of heuristic > > techniques, IDS-like stuff, and so on. > > Yes, that aspect too is out of scope. > > > I do think that discussion on how user agents ought to react to > > failures of security protocols is in scope -- the prime example here > > being the MITM detection in SSL which is subverted by giving users > > an override button that they'll of course push. > > It's my understanding that the charter defines our scope (our goals can be > more targetted than the scope allows for). Is my understanding wrong? If > not, what part of the charter supports that? > Mez >
Received on Friday, 8 December 2006 22:01:06 UTC