public-wsc-wg@w3.org from December 2007 by subject

11/28 Minutes

ACTION-214 OPEN solicit commentary on Threat Trees from MITRE INFOSEC

ACTION-214 OPEN solicit commentary on Threat Trees from MITREINFOSEC

ACTION-304: Lo Fi demo opf Secure Letterhead

ACTION-318: Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI

ACTION-318: Draft a new subsection to section 7 discussing themixing of trusted/untrusted information in the UI

ACTION-326: Transfer RobustSharedSecret into section 8.2

ACTION-329 Review 8.2 to ensure suitability of language in non-visual contexts Bruno von Niman 2007-11-12

ACTION-344, ISSUE-120: Proposed normative material on audio logotypes

ACTION-346 - Suggest alternate text for 8.1.2

ACTION-347: Chinese Whispers

ACTION-348: cert related terminology

ACTION-349: verify that normative material from WhatIsASecurePage was fully incorporated in wsc-xit

ACTION-355: Describe algorithms commonly used to create display names of certificates

ACTION-358 (ISSUE-116) Proposed Language

ACTION-363 Ian's WSC-XIT review

ACTION-381: Draft a new subsection discussing the mixing of trusted/untrusted information in the UI

Agenda: WSC WG distributed meeting, Wednesday, 2007-12-05

Agenda: WSC WG distributed meeting, Wednesday, 2007-12-12

Agenda: WSC WG distributed meeting, Wednesday, 2007-12-19

CA DN collisions?

Certificate status checks vs validity period; self-signed certs(Re: Current state of editor's draft / IdentitySignal)

Comments on Draft

Comments on: Access Control for Cross-site Requests

December 5 regrets

Discontinuation of ANEC representation

IETF Web Authentication Resistant to Phishing

ISSUE-123 - Safe Form Bar: HTTP assumptions in "no TLS" section

ISSUE-126: Define "picture-in-picture attack" [Techniques]

ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]

ISSUE-133 (Plugin Problems): How do our definition of Web Page and the Robustiness section interact? [wsc-xit]

ISSUE-134: Let others besides industry define AAC criteria [wsc-xit]

ISSUE-135 (SSC assertions): Not trusting any SSC assertion seems overbroad [wsc-xit]

ISSUE-136: Allow new established patterns to redefine what's expected in terms of strong TLS protection [wsc-xit]

ISSUE-137: Require Identity Signal whenever URLs are displayed [wsc-xit]

ISSUE-138: Downgrade strength of Issuer field's Organziation attribute [wsc-xit]

ISSUE-139: Clarify UX of CoSL [wsc-xit]

ISSUE-140: Don't show certificate information as identity when its weak [wsc-xit]

ISSUE-141: More history that may be part of additional security context information [wsc-xit]

ISSUE-142: Page Security Score does not yet have enough content behind it [wsc-xit]

ISSUE-143: MITM cert handling needs some sketching out of examples [wsc-xit]

ISSUE-144: Do we need to specify mixed content in more detail? [wsc-xit]

ISSUE-145: WhatIsASecurePage not fully incorporated [wsc-xit]

Jan Vidar's review of wsc-xit

Larry Seltzer proclaims DNSSEC DOA

Linking certs

Luis Barriga's WSC-XIT Review

Meeting record: 2007-11-28

Meeting record: 2007-12-12

Mez' review of wsc-xit

need to adjust action items

Opera's wsc-xit review comments

Social Networks, Phishing and Privacy

threats Re: Comments on draft documents posted to the WSC wiki

usecases comments Re: Comments on draft documents posted to the WSC wiki

Weekly WSC conference call 12/05 - regrets

WSC meetings - Holiday schedule

WSC Open Action Items

wsc-xit review comments

wsc-xit review notes

xit comments Re: Comments on draft documents posted to the WSC wiki

Yngve's wsc-xit review

Last message date: Friday, 28 December 2007 19:52:35 UTC