ISSUE-52: benchmarking success -- it\'s out there (public comment) from Web Security Context Issue Tracker on 2007-04-17 (public-wsc-wg@w3.org from April 2007)

From: Web Security Context Issue Tracker <dean+cgi@w3.org>
Date: Tue, 17 Apr 2007 12:15:57 +0000 (GMT)
To: public-wsc-wg@w3.org
Message-Id: <20070417121557.CA39347BA3@mojo.w3.org>

ISSUE-52: benchmarking success -- it's out there (public comment)

http://www.w3.org/2006/WSC/Group/track/issues/52

Raised by: Bill Doyle
On product: Note: use cases etc.

>From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org

http://lists.w3.org/Archives/Public/public-usable-
authentication/2007Apr/0000.html

benchmarking success -- it's out there
where it says, in 10 Process
There are no worked examples of
   standards of usable security to emulate.
Whoa! think again
Credit care and debit card operations at groceries, along with RFID based 
gasoline purchase tokens are all existence proofs of successful tradeoffs 
between usability and security.

You need to note "what works" that is "what secure+usable systems are there as 
close to the targeted domain of Web commerce as we can get?" and not just look 
inside a narrow definition of that domain and say "there are none."

Benchmark the closest approaches between the domain of successful applications 
and your desired target domain.  Don't fail to do this.

Received on Tuesday, 17 April 2007 12:16:07 UTC