- From: Anil Saldhana <Anil.Saldhana@redhat.com>
- Date: Fri, 03 Aug 2007 13:34:19 -0500
- To: Ian Fette <ifette@google.com>
- CC: Web Security Context WG <public-wsc-wg@w3.org>
Ian, can you point me to the use case 19 that you refer to? Anil Ian Fette wrote: > Hi all, > > I took on an action item to create a new use case for notifying a user > that a site they've previously visited is now blacklisted. I sent this > out and there didn't seem to be much contention, the only reply was a > "looks good" from Dan Schutzer and a polite email from Mez telling me > that the subject should have been "ACTION-275". As such, I'm > re-sending this, mostly for the tracker, with the correct subject. If > you have any concerns with the below use case, please feel free to > bring them up, otherwise I'd like to get this use case added into the > Scope and Use Cases document. > > > Betty tries to connect to a web site at <http://www.example.com/>. She > visits this site frequently to read various news and articles. Since > her last visit, the site example.com <http://example.com/> has been > compromised by some method, and visitors are now being infected with > malware. A blacklist used by her user agent has since listed > example.com <http://example.com/> as a known bad site, what warnings > should Betty be presented with? > > Destination Site > - Known, Prior visit > Navigation > - any > Intended interaction > - Information retrieval > Actual interaction > - software installation > Note > - This is slightly different than use case 19. It still deals with how > to present results obtained from reputation services, but in the case > of a user returning to a site that they believe to be "good" when that > site is now believed to be compromised. > > Thanks, > Ian Fette -- Anil Saldhana Project/Technical Lead, JBoss Security & Identity Management JBoss, A division of Red Hat Inc. http://labs.jboss.com/portal/jbosssecurity/
Received on Friday, 3 August 2007 18:34:34 UTC