Re: favicons: updated editor's draft [ACTION-276]

On 2007-08-08 12:32:57 -0400, Mike Beltzner wrote:

> Sorry to not have been on the call last week. I can tell you that
> the NECCESSARY techniques that MUST be implemented by a
> conforming web user agent (as per 7.1.3) are unrealistic in terms
> of meshing with user experience, and are, I think, throwing the
> baby out with the bathwater.  Specifically the requirement to not
> show a favicon in the Location Bar.

I seem to recall that this requirement was discussed at length at
the face-to-face in Dublin, without you objecting against this
requirement?

Since you are using the plural, I'd also like to understand what
your objection is against the second technique (no favicons in
dialogues intended to enable trust decisions) -- this one is
basically about, say, a certificate dialogue, where you'd
specifically not want branding to be under the control of the
potential attacker.

> The favicon has become the visual avatar of a website, allowing
> for brand association, and easing several tasks including
> scanning through bookmarks, history and tabs to ease the task of
> locating (or recalling) a specific entry.

The text is phrased relatively carefully to not forbid any of these
practices -- as you may recall, there was discussion about
"outlawing" favicons completely back in Dublin.

> This entire section seems to exist because security indicators
> presently look like favicons, and since the website can simply
> copy that image and make the favicon look like a security
> indicator, easy spoofing and confusion is possible.

Well, it also exists because security indicators are being displayed
far too close to the favicon...

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Wednesday, 8 August 2007 16:50:41 UTC