RE: Problems with the current user interface from Mary Ellen Zurko on 2006-12-12 (public-wsc-wg@w3.org from December 2006)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Tue, 12 Dec 2006 13:41:02 -0500
To: tyler.close@hp.com
Cc: "W3 Work Group" <public-wsc-wg@w3.org>
Message-ID: <OF55BE637F.C6EE34F3-ON85257242.00665F07-85257242.0066A270@LocalDomain>

It's still out of scope. It doesn't have to do with the "secure and usable 
presentation" of security context information to the user. Security 
context information is what helps the user make trust definitions 
(paraphrasing the charter). 

There will certainly be user agent security problems we don't solve. Some 
of them will involve the user or user interface. 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect

"Close, Tyler J." <tyler.close@hp.com> 
Sent by: public-wsc-wg-request@w3.org
12/12/2006 11:48 AM

To
"W3 Work Group" <public-wsc-wg@w3.org>
cc

Subject
RE: Problems with the current user interface

Mary Ellen Zurko wrote:
> All look good, though I think this one falls out of our scope:
>    * Passwords are reused across distinct web sites

I was thinking we could address this problem through the user interface
to the browser's password manager. For example, if the user interface
made it easier to generate, remember and form fill passwords, perhaps
users would do that, instead of reusing the same password at distinct
web sites.

Tyler

Received on Tuesday, 12 December 2006 18:56:36 UTC