- From: Chuck Wade <Chuck@Interisle.net>
- Date: Mon, 12 Feb 2007 13:17:50 -0500
- To: Brad Porter <brad@tellme.com>
- Cc: Mike Beltzner <beltzner@mozilla.com>, Bob Pinheiro <Bob.Pinheiro@FSTC.org>, Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>, public-wsc-wg@w3.org
- Message-ID: <45D0AF4E.8000504@Interisle.net>
Brad, et al, You've mapped the user presentation context to issues of trust in a nice, succinct manner. Furthermore, your alternative term, "browser-specific/controlled presentation elements" is a better working definition for what is more glibly referred to as "chrome." What needs to be added to this discussion is the need to make it clear to the user what part of their display is controlled by the browser (independent of whether or not they trust it), and by the remote web site. Unfortunately, as we've noted many times, the organization of the presentation elements has become confused in ways that hamper a user's ability to differentiate between what the browser put on their screen vs. the web site or sites. The ability for a web site to over-display presentation elements controlled by the browser is one source of problems, but things like "favicons" (or url icons) also confuse the organization of the display for the user (credit to Phillip for repeatedly making this point). It seems that this issue of clarifying to the user what portion of their display is controlled by what entity is core to usability and user confidence. It also seems that this continues to the elude the industry as the clamor for features overrides concerns for the user's ability to map what's going on. Fundamentally, if average users can't perform this mapping with confidence, then we'll never win this game of trust. This issue also iterates to the next level. Your trust chain of "user => browser => web site" really extends to multiple "content sites" that interact in ways that can be [very] confusing to the user. While this WSC project can, and should, say something about cordoning off the browser's presentation elements, we should at least think about the problem of the user trying to discriminate which of the many presentation elements on their display represent the site they think they visited, vs. all the other sites that have piggybacked onto this Web session (e.g., advertisers, in-house promotions). Before jumping to the conclusion that this is definitely out of scope, consider that there are many browser "features" (some plugins, some built-in options) that allow users to block advertisements, pop-ups, flash animations, and other third-party content. This has the important advantage to the user of reducing the web page display to just the elements that truly come from the site identified in the location bar. Imagine, for a moment, a browser that might offer the user the ability to gray out all the elements in a web page that are *not* associated with the site identified in the location bar. Wouldn't this be something that users would value in terms of improving their confidence? (Irrespective of what us technologists or the marketing folks might say?) I don't think it's a stretch to say that the browser options that allow users to constrain content (e.g., popup blockers) are every bit as popular as the options that enrich content (e.g., flash). (Aside, how many users know that there are active, though hidden, controls for a flash object displayed on their screen, but what these controls can do is constrained by the content provider? Should such controls be considered part of somebody's chrome?) If the ability to manage the content that can be displayed on a screen is important to users, then this will come back to the more fundamental browser design issues, such as how such content controls should be presented to users, and how they know which controls are active at any time. This will bring us back to the issue of "safe browsing," and how a user can know that they're actually in the safe browsing mode, and that the content they see is truly constrained by this mode. Some browsers and plugins will indicate their current state of operation in the window "chrome" of a browser (i.e., always visible), while others hide their state, perhaps in preference settings. Certainly, the lack of standardization for how these potentially critical indicators are displayed is one of the challenges confronting users and browser designers alike. Which brings me to some questions for which I have not yet seen definitive answers: 1. Does the "chrome" include any dialog boxes or other control elements used to configure the browser or control the display context? What about the alternative term "browser-specific/controlled presentation elements"? 2. What about the menu bar? Here we need to be careful that we don't get caught up in the OS wars. 3. Speaking of the OS wars, should we at least consider the relationship of the OS to the browser? After all, the more complete trust relationship is User => OS => Browser => Web. Let's be real, the interaction between the OS and the browser has been a contentious issue of the past, and it's likely to remain so in the future. Would we be putting our heads in the sand if we ignore this issue? It is the OS that controls the display in the first place, and OS vendors already leverage this point of control within the browser context to their own advantage, but also to the advantage of users. 4. Should there be standard conventions for how to display the state of browser content controls within the default window frame "chrome" areas? (e.g., popups currently blocked) Can we keep this from leading to another round of toolbar mania? 5. Can any of this be made understandable to users? Aside, I contend that users will make the effort to understand and become facile with what matters to them and their browsing experience, but not necessarily what browser vendors or Web site content developers think should matter to users. 6. Is there a way to factor out a lot of the confusing knobs, dials, and indicators, and get to some simple "idiot-proofed" controls (analogous to "idiot lights" on an automobile dashboard). Here's where the "safe browsing" mode could come into play--a comprehensible mode that eliminates a lot of the clutter, but establishes confidence in the user that they can reasonably determine whether or not to trust what's in front of their face. 7. Where do we draw the distinction between browser controls (whether or not within the chrome) and controls associated with other content presentation tools within the same Web page? (e.g., Acrobat, Flash, RealMedia, QuickTime, WM.) How would users like for these controls to be presented? Should we care? Apologies for being so long-winded about a mere definition of terms, but my sense is that the definition of browser chrome is a lot more complicated than any of the traditional interpretations might indicate. We may find that retrofitting usability to the current browser/web-site framework is about as difficult as retrofitting security to an insecure system. In this case, the issues of security and usability are completely intertwined, so the analogy is more than apt. ...Chuck _____________________________ Chuck Wade, Principal Interisle Consulting Group +1 508 435-3050 Office +1 508 277-6439 Mobile www.interisle.net Brad Porter wrote: > > I think the key is that you need to establish the following trust > relationship: > > user->browser->site > > The browser can't say anything credible about the site unless the > browser has a trust relationship with the user. Implicitly, we're > saying that the user can't trust the site without the browser > representing that site. > > If we were to change terminology, I might say something like > "browser-specified presentation elements" or "browser-controlled > presentation elements" instead of chrome. This phrasing also > addresses the issue that visual chrome doesn't apply across modalities > or with different accessibility models. In these cases, the > presentation elements might be audio instead of visual or accessible > via a hot-key or some other mechanism. > > --Brad > > > Mike Beltzner wrote: >> >> A couple of definitions I found ..: >> >> "The interface elements of a browser, or any other program, that >> create the frame around the window that displays pages." >> (cite: >> http://www.chriscassell.net/classes/2001/winter/gdt150/handouts/vocabulary.html) >> >> >> "The visible graphical interface features of an application are >> sometimes referred to as "chrome". They include graphical elements >> (widgets) that may be used to interact with the program. Common >> widgets are: windows, buttons, menus, and scroll bars. Larger >> widgets, such as windows, usually provide a frame or container for >> the main presentation content such as a web page, email message or >> drawing. Smaller ones usually act as a user-input tool." >> (cite: http://en.wikipedia.org/wiki/User_interface_chrome#GUI_design) >> >> I think the salient detail is that chrome is what allows the user to >> interact with the browser alone from interacting with the web >> content. Bob's point about the display of chrome being restricted to >> the browser is also good to keep in mind, and relevant for our purposes. >> >> cheers, >> mike >> >> On 12-Feb-07, at 9:44 AM, Bob Pinheiro wrote: >> >>> I thought the key distinction with regard to "chrome" is that there >>> are certain areas of the browser window that are solely under the >>> control of the browser, and not the website being displayed. So >>> anything displayed in the "chrome" can be assumed to be coming from >>> the browser itself, and not the website. However, if some browsers >>> have areas where both the browser and the website can communicate >>> information, that seems to muddy the issue. Maybe such areas should >>> have a different name, reserving "chrome" for those areas where only >>> the browser can communicate to the user. >>> >>> At 08:16 AM 2/12/2007, Mary Ellen Zurko wrote: >>> >>>> During our f2f, the discussion about "chrome - what is it" came up >>>> again. The discussion was part of going over "Poorly defined role >>>> for chrome". It was a divergence at the time, so we decided to take >>>> the discussion to the list. See: >>>> http://www.w3.org/2007/01/30-wsc-minutes.html >>>> "what is chrome? diaglog boxes should be included" >>>> >>>> We'll need the definition of Chrome for the Glossary that Tim is >>>> pulling together as well. >>>> >>>> What I mean to mean by Chrome are the parts of the window that >>>> include information that the User agent/Browser is trying to >>>> communicate to the user, vs the parts where the browser is >>>> (expected to) faithfully represent what the web site/page is trying >>>> to communicate to the user. Some areas in some browsers currently >>>> contain both (for example, the title area including both the HTML >>>> title and browser identity information). >>>> >>>> Anyone else have a better definition? >>>> >>>> I also remember people getting fixated on the word. If the word >>>> itself is getting in the way of a concept we consider important, >>>> then we can start using some other word which we can all agree on. >>>> So this might instead be an exercise where we agree on the concept >>>> first, then agree on the word we'll use. >>>> >>>> >>>> [ACTION-132 - Start discussion on mailing list to draw chrome items >>>> out and get analysis completed [on Mary Ellen Zurko - due >>>> 2007-02-13].] >>>> >>>> Mez >>>> >>>> Mary Ellen Zurko, STSM, IBM Lotus CTO Office (t/l 333-6389) >>>> Lotus/WPLC Security Strategy and Patent Innovation Architect >>> --------------------------------------- >>> Bob Pinheiro >>> FSTC Project Management >>> Bob.Pinheiro@FSTC.org >>> 1 908-654-1939 >> >> >> > >
Received on Monday, 12 February 2007 18:18:11 UTC