- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Fri, 20 Apr 2007 18:16:35 -0400
- To: "Dan Schutzer" <dan.schutzer@fstc.org>,public-wsc-wg@w3.org
- Message-ID: <OF75A38DD1.0FE4CAC8-ON852572C3.0057CAC2-852572C3.007A5E6A@LocalDomain>
Thanks for posting that Dan. "These websites can only be selected from an approved list of websites that have gone to some lengths (e.g. compliance with special PKI technical requirements (see Part 1: Technical below), and undergoing a rigorous certification and compliance process) to allow it to be reliably distinguished from spoof sites. Examples of such certification steps include: being able to prove the website is from a trusted top level domain (e.g. .bank); or having the site credentials verified by a Bridge Authority; or verified by an EV where special verification and compliance steps have been taken to provide a guaranteed level of trust). " As a user, I'd want to use this for my work sites as well, which are not banks. I imagine that would be true of many users; they'd want to trust the sites associated with their place of work with PII or similiarly sensitive information. "(e.g. see FSTC BMA document entitled ?FSTC BMA Browser Recommendations?), " For that to be part of this discussion, we'll need a URL for it. Is it the document that Chuck shared for discussion at our last meeting? http://fstc.org/projects/docs/Recommendations_and_Requirements_for_BMA_v1.0.pdf?PHPSESSID=20cc0c14758294534c58cac8a9e1a685 At a glance, it's not clear to me which parts of that document cover the distinct look, and which part the items that should be turned off. But I think the latter won't be core to the initial discussion. "In fact, banks and other ?trusted sites? could incent users who only access them on-line via SBM Mode (e.g. provide loyalty points, safety guarantees, fee discounts or higher interest rates). " I think they could only "know" that via updates in protocols, which are out of scope. But maybe I'm missing something. "To make SBM useful, three things must be true: a. users must be in SBM mode before there is any possibility of providing bogus FI sites with information b. users must be aware that they are in SBM c. users must understand that only legitimate ?trusted? websites will be accessible in SBM, and that it is therefore safe to provide information to sites that are accessible in SBM " This is a really nice summary. What it brings home to me is the two-tier model of the proposal, which I struggle with. The more general it is, the wider the range of data the user could be asked to provide inappropriately (FIs could ask for something that would be company confidential, if it also includes my work sites). But the more narrow it is, the more attacks from totally unknown parties it leaves out. I see your proposal does in fact address some of those concerns, but conciously wants to leave them out "to start with". Do you mean for the duration of this WG's recommendations? (2nd to last paragraphy before the Part 1 - Technical). I really like this writeup. It puts together a whole proposal, but it's easy to look at each of the components as well (how the trustworthy sites are determined, for example, can be configurable or change over time; the set of things that cannot be done is a separable consideration). Mez Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389) Lotus/WPLC Security Strategy and Patent Innovation Architect "Mary Ellen Zurko" <Mary_Ellen_Zurko@notesdev.ibm.com> Sent by: public-wsc-wg-request@w3.org 04/19/2007 07:54 AM To "Dan Schutzer" <dan.schutzer@fstc.org> cc public-wsc-wg@w3.org Subject RE: Safe Web Browsing Mode Dan has posted an updated proposal on Safe WEb Browsing, which I hope we'll be able to discuss next week: http://www.w3.org/2006/WSC/wiki/SafeWebBrowsing Mez Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389) Lotus/WPLC Security Strategy and Patent Innovation Architect
Received on Friday, 20 April 2007 22:16:57 UTC