ISSUE-68: Note summary, goals, and scope should more clearly focus on problem to be solved---impersonation from Web Security Context Issue Tracker on 2007-04-25 (public-wsc-wg@w3.org from April 2007)

From: Web Security Context Issue Tracker <dean+cgi@w3.org>
Date: Wed, 25 Apr 2007 14:37:15 +0000 (GMT)
To: public-wsc-wg@w3.org
Message-Id: <20070425143715.E9AA847BA3@mojo.w3.org>

ISSUE-68: Note summary, goals, and scope should more clearly focus on problem to be solved---impersonation

http://www.w3.org/2006/WSC/Group/track/issues/68

Raised by: Stuart Schechter
On product: Note: use cases etc.

In talking with MeZ, she  thinks 90% of what we're doing is fighting
impersonation attacks.  Fighting impersonation means making it easier to for
users to know what site they are communicating with, and reducing the number
of cases in which impersonation can cause harm (the number of
security-critical decisions that require users to verify the identity of the
site.)  If this were reflected in the note, the goals and scope would be
oodles more clear.  For example, "security information" could be transformed
into the much more descriptive "information used to authenticate the site".

Received on Wednesday, 25 April 2007 14:37:17 UTC