- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Thu, 19 Apr 2007 07:34:04 -0400
- To: Web Security Context WG <public-wsc-wg@w3.org>
- Message-ID: <OF3E867D4F.00BD1A9F-ON852572C2.003EC917-852572C2.003F8EA4@LocalDomain>
The point of 8.4 is to call out the current positive aspects of password
management, particularly as it relates to the charter of the wg
(supporting web based trust decisions). I propose clarifying that by
changing the opening to call that out explicitly:
Modern browsers include a password manager that can autofill the
corresponding user login credentials for a web site. This feature provides
several usability benefits that can help users notice and avoid web based
attempts to steal their passwords. It provides a presentation cue [...]
Mez
Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
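The "presentation cue" in the proposed 8.4 wording comes from the password manager keying saved credentials to the site's origin, so a lookalike or downgraded site gets no autofill. The following is an added illustration, not code from the WSC working group or from any browser; the `PasswordStore` class, `canonical_origin` helper and sample URLs are all constructed for this example.

```python
# Minimal model of an origin-keyed browser password store (added example;
# not code from the WSC working group or from any browser).
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Credential:
    username: str
    password: str


def canonical_origin(url: str) -> str:
    """Reduce a URL to scheme://host[:port].

    The host is lower-cased and IDNA-encoded so that a non-ASCII lookalike
    (e.g. a Cyrillic letter in place of a Latin one) cannot collide with the
    ASCII origin the credential was saved under; default ports are dropped.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").encode("idna").decode("ascii")
    default_port = {"https": 443, "http": 80}.get(scheme)
    port = parts.port
    if port is None or port == default_port:
        return f"{scheme}://{host}"
    return f"{scheme}://{host}:{port}"


class PasswordStore:
    """Credentials are looked up only by the exact origin they were saved for."""

    def __init__(self) -> None:
        self._by_origin: dict[str, list[Credential]] = {}

    def save(self, url: str, username: str, password: str) -> None:
        origin = canonical_origin(url)
        self._by_origin.setdefault(origin, []).append(Credential(username, password))

    def autofill(self, url: str) -> list[Credential]:
        # An empty result on a page that looks familiar is the cue the
        # 8.4 text refers to: the browser has never saved a login here.
        return list(self._by_origin.get(canonical_origin(url), []))


if __name__ == "__main__":
    store = PasswordStore()
    # Constructed sample credential and URLs.
    store.save("https://www.example.com/login", "alice", "hunter2")
    for url in (
        "https://www.example.com/account",          # same origin: filled
        "http://www.example.com/login",             # scheme downgrade: not filled
        "https://www.example.com.evil.example/",    # suffix trick: not filled
        "https://www.exаmple.com/login",            # Cyrillic 'а': not filled
    ):
        print(url, "->", store.autofill(url))
```

Path differences do not matter (the account page is filled from the login page's credential), but any change in scheme, host or port yields nothing, which is exactly what makes the absence of autofill a usable signal.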
Web Security Context Issue Tracker <dean+cgi@w3.org>
Sent by: public-wsc-wg-request@w3.org
04/16/2007 06:48 AM
Please respond to: Web Security Context WG <public-wsc-wg@w3.org>
To: public-wsc-wg@w3.org
cc:
Subject: ISSUE-49: trust in browser password cache needs to be better justified (public comment)
http://www.w3.org/2006/WSC/Group/track/issues/49
Raised by: Bill Doyle
On product: Note: use cases etc.
From public comments
raised by: Al Gilman Alfred.S.Gilman@ieee.org
http://lists.w3.org/Archives/Public/public-usable-authentication/2007Apr/0000.html
trust in browser password cache needs to be better justified
where it says, in 8.4 Password management
(better to let browser keep it)
please consider
You have in effect zeroed out the hazard raised by exploits against the OS and
browser. The bald assertion that it's better to minimize re-entry of
passwords on repeated visits is thus not credible, because it is patently
biased.
Why?
Presently, I let the Apple OS keychain keep passwords for me; else not. This
key wallet is explained as encrypted and this OS has a good track record. If
you want to represent the user's security, you have to include all threats in
presenting a balanced picture of good and bad. If then you want the user to
use the browser as a web-password safe, you need to make that case more
convincingly than the present appeal to convenience, or avoiding spoofing
risk. Don't substitute a browser security hole for a user security hole. Fix
the problem.
Received on Thursday, 19 April 2007 11:34:17 UTC