- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Fri, 20 Apr 2007 18:16:35 -0400
- To: "Dan Schutzer" <dan.schutzer@fstc.org>,public-wsc-wg@w3.org
- Message-ID: <OF75A38DD1.0FE4CAC8-ON852572C3.0057CAC2-852572C3.007A5E6A@LocalDomain>
Thanks for posting that Dan.
"These websites can only be selected from an approved list of websites
that have gone to some lengths (e.g. compliance with special PKI technical
requirements (see Part 1: Technical below), and undergoing a rigorous
certification and compliance process) to allow it to be reliably
distinguished from spoof sites. Examples of such certification steps
include: being able to prove the website is from a trusted top level
domain (e.g. .bank); or having the site credentials verified by a Bridge
Authority; or verified by an EV where special verification and compliance
steps have been taken to provide a guaranteed level of trust). "
As a user, I'd want to use this for my work sites as well, which are not
banks. I imagine that would be true of many users; they'd want to trust
the sites associated with their place of work with PII or similiarly
sensitive information.
"(e.g. see FSTC BMA document entitled ?FSTC BMA Browser Recommendations?),
"
For that to be part of this discussion, we'll need a URL for it. Is it the
document that Chuck shared for discussion at our last meeting?
http://fstc.org/projects/docs/Recommendations_and_Requirements_for_BMA_v1.0.pdf?PHPSESSID=20cc0c14758294534c58cac8a9e1a685
At a glance, it's not clear to me which parts of that document cover the
distinct look, and which part the items that should be turned off. But I
think the latter won't be core to the initial discussion.
"In fact, banks and other ?trusted sites? could incent users who only
access them on-line via SBM Mode (e.g. provide loyalty points, safety
guarantees, fee discounts or higher interest rates). "
I think they could only "know" that via updates in protocols, which are
out of scope. But maybe I'm missing something.
"To make SBM useful, three things must be true: a. users must be in SBM
mode before there is any possibility of providing bogus FI sites with
information b. users must be aware that they are in SBM c. users must
understand that only legitimate ?trusted? websites will be accessible in
SBM, and that it is therefore safe to provide information to sites that
are accessible in SBM "
This is a really nice summary. What it brings home to me is the two-tier
model of the proposal, which I struggle with. The more general it is, the
wider the range of data the user could be asked to provide inappropriately
(FIs could ask for something that would be company confidential, if it
also includes my work sites). But the more narrow it is, the more attacks
from totally unknown parties it leaves out.
I see your proposal does in fact address some of those concerns, but
conciously wants to leave them out "to start with". Do you mean for the
duration of this WG's recommendations? (2nd to last paragraphy before the
Part 1 - Technical).
I really like this writeup. It puts together a whole proposal, but it's
easy to look at each of the components as well (how the trustworthy sites
are determined, for example, can be configurable or change over time; the
set of things that cannot be done is a separable consideration).
Mez
Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
"Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com>
Sent by: public-wsc-wg-request@w3.org
04/19/2007 07:54 AM
To
"Dan Schutzer" <dan.schutzer@fstc.org>
cc
public-wsc-wg@w3.org
Subject
RE: Safe Web Browsing Mode
Dan has posted an updated proposal on Safe WEb Browsing, which I hope
we'll be able to discuss next week:
http://www.w3.org/2006/WSC/wiki/SafeWebBrowsing
Mez
Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect
Received on Friday, 20 April 2007 22:16:57 UTC