Re: Safe Web Browsing Recommendation put in template form from Mary Ellen Zurko on 2007-06-08 (public-wsc-wg@w3.org from June 2007)

From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
Date: Fri, 8 Jun 2007 09:41:58 -0400
To: dan.schutzer@fstc.org
Cc: public-wsc-wg@w3.org
Message-ID: <OFEF86B43D.ABEEB887-ON852572F4.0048D862-852572F4.004B4445@LocalDomain>

"The Secure Browsing Mode would need to be extremely difficult, if not 
impossible to fool into placing on its ?trusted list?, or passing through 
an ?untrusted site?. "
I don't think either of the ways you outline would work for my place of 
business, and I believe a proposal like this should be applicable to where 
I work. I can't remember if any of the actions you took away from the f2f 
addressed this. 

"User fails to activate the safe browsing mode and mistakes the spoofed 
site for the desired site. We believe that if the majority of the 
legitimate community, such as banking, moves to delivering only over Safe 
Browsing mode and educating the consumers accordingly, this type of attack 
could be greatly minimized, just as customers are trained to protect their 
ATM card and their PIN. "
Since this is a usability issue, and the wg is meant to be ensuring (some 
level of) usability, your proposal should include some references to 
usability practice or literature supporting your beliefs. This is also 
something we should usability test. If you have ideas on how, we should 
start documenting/planning that. 

The proposal needs a pass through for conformance language (like all the 
others). For this one in particular, it's still hard for me to pull out 
mentally what that's going to look like (what will be must, what should, 
etc.).

"Make it easy to view and understand the contents of a server cert"
I disagree that user's should be expected to understand certificate 
contents, and I think we have a number of proposals reflecting that. If 
there's something important about the certificate, the user agent should 
get that across in a meaningful way. 

"Display warning when a hostname is resolved via local HOST file instead 
of DNS "
I disagree that warnings are the right direction for detailed technical 
security concerns. I myself had to get a detailed explanation of this one 
to understand why a user should care. This should be folded into the "what 
is a secure page" proposal and the InfoPageSummary proposals, as 
appropriate. 

"Show [security context] in all modes including full screen"
It's not clear what to do in reduced screen contexts, and Luis is 
grappling with that right now. 

"Make it impossible for client scripts, controls, add-ons, or plugins to 
alter address bar or [security context displays] "
We've discussed this on the list. Out of scope, plus concensus is disgree 
as well. Needs to be removed. 

"Checking for server cert revocation on by default 
Block https access when hostnames in the server cert and URL don't match. 
No confusing dialog box 
Block https access when server cert not issued by a trusted RCA. No 
confusing dialog box 
"
I believe these too should be moved to "what is a secure page". 

          Mez

Mary Ellen Zurko, STSM, IBM Lotus CTO Office       (t/l 333-6389)
Lotus/WPLC Security Strategy and Patent Innovation Architect




"Dan Schutzer" <dan.schutzer@fstc.org> 
Sent by: public-wsc-wg-request@w3.org
05/22/2007 10:30 AM

To
<public-wsc-wg@w3.org>
cc
"'Dan Schutzer'" <dan.schutzer@fstc.org>
Subject
Safe Web Browsing Recommendation put in template form






I drafted the Safe Web Browsing recommendation (using the template) that 
can be found at http://www.w3.org/2006/WSC/wiki/SafeWebBrowsingTemplate in 
satisfaction of my action item, which I propose can now be closed.

Received on Friday, 8 June 2007 13:42:20 UTC