Re: "Chrome"

On 2007-02-12 10:45:36 -0800, Brad Porter wrote:

> I think it is a fair question to ask who is responsible for
> presenting security context information -- the browser or the OS.
> We may need a definition of browser to complete this mix.  As
> OSes begin to incorporate more HTTP and XML rendering into their
> core capabilities, they become browsers. 

> However, I think much of our security context consideration may
> be able to remain agnostic to whether the browsing functionality
> comes from the OS or an application.

Maybe we don't want to talk about "browser-controlled presentation
elements", but "locally controlled presentation elements" or "user
agent controlled presentation elements" or some such.

The rationale here is that, for our purposes, whatever isn't
controlled by the site, but used to communicate security context
information, is the thing that we are writing practices and
recommendations for, and that we will ultimately have conformance
criteria for.  We just need to give it a name that's not too
confusing, and better than "foo". ;-)

Whether it's implemented on the OS layer or elsewhere ultimately
shouldn't be driving our discussion.

>>  4. Should there be standard conventions for how to display the
>>     state of browser content controls within the default window
>>     frame "chrome" areas? (e.g., popups currently blocked) Can
>>     we keep this from leading to another round of toolbar
>>     mania?

> I think that is what the group is trying to do.  I'm not convinced that 
> it should be withing "window chrome", but certainly we're trying to 
> standardize how that information is presented in the "browser-controlled 
> presentation elements."

I agree.

-- 
Thomas Roessler, W3C  <tlr@w3.org>

Received on Tuesday, 13 February 2007 09:29:46 UTC