Re: ACTION-275 from Ian Fette on 2007-08-03 (public-wsc-wg@w3.org from August 2007)

From: Ian Fette <ifette@google.com>
Date: Fri, 3 Aug 2007 12:11:07 -0700
To: "Anil Saldhana" <Anil.Saldhana@redhat.com>
Cc: "Web Security Context WG" <public-wsc-wg@w3.org>
Message-ID: <bbeaa26f0708031211x5c4a577r811e69ee34efde45@mail.gmail.com>

In the Scope and Use Cases document linked to from the public website at

http://www.w3.org/TR/2007/WD-wsc-usecases-20070525/#scenarios

It can be found under section 6.5, scroll down to 19. Vicki is interested in
finding...

-Ian

On 8/3/07, Anil Saldhana <Anil.Saldhana@redhat.com> wrote:
>
> Ian,
>   can you point me to the use case 19 that you refer to?
>
> Anil
>
> Ian Fette wrote:
> > Hi all,
> >
> > I took on an action item to create a new use case for notifying a user
> > that a site they've previously visited is now blacklisted. I sent this
> > out and there didn't seem to be much contention, the only reply was a
> > "looks good" from Dan Schutzer and a polite email from Mez telling me
> > that the subject should have been "ACTION-275". As such, I'm
> > re-sending this, mostly for the tracker, with the correct subject. If
> > you have any concerns with the below use case, please feel free to
> > bring them up, otherwise I'd like to get this use case added into the
> > Scope and Use Cases document.
> >
> >
> > Betty tries to connect to a web site at <http://www.example.com/>. She
> > visits this site frequently to read various news and articles. Since
> > her last visit, the site example.com <http://example.com/> has been
> > compromised by some method, and visitors are now being infected with
> > malware. A blacklist used by her user agent has since listed
> > example.com <http://example.com/> as a known bad site, what warnings
> > should Betty be presented with?
> >
> > Destination Site
> > - Known, Prior visit
> > Navigation
> > - any
> > Intended interaction
> > - Information retrieval
> > Actual interaction
> > - software installation
> > Note
> > - This is slightly different than use case 19. It still deals with how
> > to present results obtained from reputation services, but in the case
> > of a user returning to a site that they believe to be "good" when that
> > site is now believed to be compromised.
> >
> > Thanks,
> > Ian Fette
>
> --
> Anil Saldhana
> Project/Technical Lead,
> JBoss Security & Identity Management
> JBoss, A division of Red Hat Inc.
> http://labs.jboss.com/portal/jbosssecurity/
>
>

Received on Friday, 3 August 2007 19:11:31 UTC