- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 18 May 2007 01:21:04 +0200
- To: WSC WG <public-wsc-wg@w3.org>
The minutes from our meeting on 2 May have been approved, and are available online: http://www.w3.org/2007/05/02-wsc-minutes Regards, -- Thomas Roessler, W3C <tlr@w3.org> [1]W3C WSC WG weekly 2 May 2007 [2]Agenda See also: [3]IRC log Attendees Present Shawn, MaryEllen_Zurko, jvrkey, Bill_Doyle, staikos, Tyler, rachna, Maritza_Johnson, Mike_McCormick, Serge, Audian, yngve, luis, DanSchutzer, Tim_Hahn Regrets Johnathan_N, Thomas_R, Phil_HB, Stuart_S, Paul_H, Bruno Chair MEZ Scribe Shawn Duffy Contents * [4]Topics 1. [5]approve minutes from last meeting 2. [6]Newly closed action items 3. [7]favicons from Michael M 4. [8]What is a secure page? 5. [9]Anti-Patterns derived from SSL certificate dialogs 6. [10]KDE Robustness Practices 7. [11]Editors discussion * [12]Summary of Action Items _________________________________________________________________ <scribe> Agenda: [13]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html approve minutes from last meeting <staikos> I can't complain Mez: any complaints? ... minutes approved Newly closed action items Mez: did not hear any issues on list ... items closed and approved favicons from Michael M [14]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0256.html Michael: assuming we're familiar with favicons ... icons that appear in title bars, etc ... some concerns about favicons on security context ... users are beginning to view favicons as part of security context ... compounded by the fact that it appears in chrome ... any entity can steal or create their own favicons ... no central authority for favicons ... favicons should be treated as a security anti-pattern ... undermine security context display ... blur the distinction between chrome and content ... some things that could be done to make them more secure ... tied to dns? crypto? ... ensuring no two sites use the same one, etc <staikos> Michael is describing logotype Mez: checking for concerns yngve: example... the major banking clearinghouse in norway ... has a favicon from netscape staikos: favicons have been a concern at kde ... what to do with invalid certs ... dont want a popup dialog just for favicons ... perfect ssl or ignore favicon ... useers would confuse konqueror icon and favicon ... users not knowing what favicons are ... hard to use favicons as logos because of size/resolution ... the secure version would be a logotype extension ... philip could speak to this Tyler: michael's description... should recommend that browsers not display favicon ... without vetting ... is this possible from the browser dev standpoint? <staikos> I predict user revolt yngve: needs to check with usability people ... thinks users would miss them ... websites might also want them <staikos> I agree with yngve <Audian> require EV cert? Tyler: if we cant remove favicons, can we add some vetting or conditions? ... is that acceptable to users/websites <staikos> KDE doesn't display it if it comes via SSL and the cert is expired/invalid/self signed/etc staikos: if we require cert, we should jst require logotype extension tyler: example on restrictions ... ??? missed that one <staikos> that sounds like a browser extension to me - not something to build in <jvkrey> only display it when the site is infact in favourites/bookmarks ? <Audian> me too <serge> I agree serge: back on ev cert issue <Mez_> tyler: how about only showing favicon if the user has configured some sort of trust, like a petname? serge: seems silly to display only when there is a EV cert ... still relying on arbitrary third party Mez: thoughts on tyler's suggestions? serge: good idea, but may be out of scope Mez: petnames and favicons are not out of scoper ... any more on favicons? ... similar concerns as george regarding favicon and url display ... is there anything about favicons and how they interact.. ie, research rachna: looked at favicons Mez: are they useful or confusing? rachna: users love them and rely on them as an important indicator ... maybe more than https ... maybe more than url ... they are misunderstood yngve: any difference between tab icon and url mez: any more on favicons? ... Michael can you update favicons in wiki? ... personally would support favicons recommendations <scribe> ACTION: Michael to update favicons in Wiki [recorded in [15]http://www.w3.org/2007/05/02-wsc-minutes.html#action01] <trackbot> Sorry, amibiguous username (more than one match) - Michael <trackbot> Try using a different identifier, such as family name or username (eg. mmccormi, msmith9) <staikos> I find it hard to imagine removing favicons anytime soon <scribe> ACTION: Mike_McCormick to update favicon in wiki [ - due 2007-05-16 ] [recorded in [16]http://www.w3.org/2007/05/02-wsc-minutes.html#action02] <trackbot> Sorry, couldn't find user - Mike_McCormick <PHB> I think that the recommendation on favicons should emphasize the unauthenticated nature of the information presented and the abmigous security situation <staikos> my corporate firewall could b e adjusted to block it too <jvkrey> :) <scribe> ACTION: McCormick to update favicons in wiki [ - due 2007-05-16 ] [recorded in [17]http://www.w3.org/2007/05/02-wsc-minutes.html#action03] <trackbot> Created ACTION-208 - update favicons in wiki [ [on Michael McCormick - due 2007-05-02]. <Mez_> [18]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html- What is a secure page? <staikos> PHB: logotype seems like the right choice for the future on secure pages. On insecure pages users want a way to create bookmarks with meaningful icons, and to find the right tab in their browser yngve: limit the definition of secure page <Mez_> [19]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html <staikos> hm that should have been PHB, yngve: can't assess security of client ... padlock is indicator of client's evaluation of security ... opera uses every element including redirects ... opera includes key strength, warnings, ocsp info ... other client may use different criteria ... primary problem: how to handle mixed security elements ... and redirects ... form submit between secure/insecure ... padlocks on insecure pages ... suggestion - how to recommend the behavior of services ... e.g. no padlock, discourage unsafe practices Mez: struggling with issues raised ... may begin to include ajax/json ... what to do with mixed content ... we havent dealt with it in proposals yet ... anyone have ideas regarding mixed content? yngve: secure main page with insecure images ... having it secure will cost too much Bill: mixed security for user content or ads? ... user data in mixed content ties in with previous thread ... what do you mean by mixed? Mez: reminded on action ... "everything" ... can we partition it? Bill: some doesn't matter... some users might care about yngve: arbitrarily deciding whats important... client has to tell ... either everything or mixed should be insecure Bill: Can we differentiate between user content and other yngve: has seen secure sourcing external insecure js Bill: a payment page would likely be "important" ... tough question Mez: would like it to be part of the recommendations ... any more comments on secure page? <scribe> ACTION: yngve to update wiki with recommendation on mixed content [ - due 2007-05-16 ] [recorded in [20]http://www.w3.org/2007/05/02-wsc-minutes.html#action04] <trackbot> Created ACTION-209 - update wiki with recommendation on mixed content [ [on Yngve Pettersen - due 2007-05-02]. Anti-Patterns derived from SSL certificate dialogs <Mez_> [21]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0289.html McCormick: we spoke about an example of a site with a self-signed sert ... confusing warnings and dialog ... promoting specific anti-patterns ... the 4 anti-patterns: ... use of technical jargon users may not know ... giving the site url as the only contact info ... suggesting actions that cannot be performed ... not explaining consequence of options ... Mez had some good comments... linked email to recommendation ... can we use that to launch discussion Mez: first pattern... in this context and johnathan's proposal... ... technical info is usually related to crypto pki <staikos> PKI is not only hard in the browser <staikos> it's hard everywhere <staikos> that's why we have unencrypted email everywhere Mez: dont know if anyone is aware of research that can make crypto and pki understandable ... mapping them to errors ... any references? <Tyler> petname tool staikos: example.. <Mez_> what about petname takes on crypto/pki and makes it easier tyler? staikos: sent email to tech support... attached digital sig ... got encrypted response ... some software will do this automatically ... automation and transparency is key to implementation Mez: familiar with some of this software ... dont know how they deal with errors Tyler: details of crypto not important... the guarantee is important ... a proper TLS session ensures some.. how to match that to user expectiations ... petname tool only lights up when connection is secure to trusted party Mez: How do we deal with errors, though? ... are errors discounted? <Audian> Is the question about how 'we' deal with errors or how 'users' deal with errors? Tyler: let's not try to define those errors to user ... just tell them they cant trust... not why they cant yngve: problem with errors... ... client expects user to continue but cant guarantee security ... if there is an error, dont display anything Tyler: two scenarios ... either an attack is in process ... site is misconfigured yngve: misconfiguration is most likely ... self-signed certs are an example ... attack scenario less likely ... what should the client do? ... does it not display error asking user to continue? tyler: self-signed cert not a misconfiguration yngve: its a misconfig from a client POV <staikos> sometimes a self-signed cert IS a misconfiguration <staikos> like "oops, forgot to install the cert I bought" tyler: do self-signed certs represent the majority of "misconfigurations"? yngve: webmail often has these problems <staikos> I agree with Ingve. yngve: cert often has wrong name <staikos> I have been trying to encourage some of these webmail solution to repair their problems tyler: domain name mismatches are a large portion Mez: this is in our charter and goals... to talk about configuration ... we need to identify context problems that arise from server copnfiguration yngve: high-trust sites should not provoke security errors.. .such as banks Mez: any more comments on pki/crypto and errors in context info? <scribe> ACTION: McCormick to encapsulate error and anti-pattern info to wiki [ - due 2007-05-16 ] [recorded in [22]http://www.w3.org/2007/05/02-wsc-minutes.html#action05] <trackbot> Created ACTION-210 - encapsulate error and anti-pattern info to wiki [ [on Michael McCormick - due 2007-05-02]. KDE Robustness Practices <Mez_> [23]http://www.w3.org/2006/WSC/wiki/NoteKDECurrentPractice staikos: kde tries to be robust but gets stuck on compatibility issues ... any area people would like to hear about? ... haven't worked on all areas... been developed over a long time Mez: some of our robustness recommendations ... do not allow content to make display area small ... move it off-screen, etc ... all could be parts of recommendation staikos: agreed... but may be obsolete ... most browsers may already do this Mez: agreed.. but may be worth including anyway staikos: good to document... not entirely obvious ... html spec does not forbid the things that we want to forbid ... we have one thread that runs js code ... errors would cause infinite loops ... now guards against long-running processes Mez: is this a part of security indicators? staikos: this was more of a stability to issue ... to prevent unnecessary denial of service Mez: smart pop-up blocker... staikos: may not be a security issue ... must be careful not to become incompatible with other browsers Mez: asked about stricter policies staikos: those were related to networking... ... frames and ssl ... various browsers had different ways of relaying information to users ... initially, had very strict policies... had to relax them for incompatibility issues Mez: any comments on kde robustness practices? ... no comments <scribe> ACTION: staikos to add robustness info to wiki that may turn into recommendation [ - due 2007-05-30 ] [recorded in [24]http://www.w3.org/2007/05/02-wsc-minutes.html#action06] <trackbot> Created ACTION-211 - add robustness info to wiki that may turn into recommendation [ [on George Staikos - due 2007-05-02]. we may need to adjust due dates... they appear to not be recorded properly Mez: is this something to be referred to another WG? staikos: possibly Editors discussion I'd like to defer to tyler since he's been working on most of it recently and I will chat with him offline Tyler: thoughts laid out in email <Mez_> can someone put in the url of tyler's email? I'll go looking... Tyler: still more detail needed from people who brought up the lightning topics ... need a champion for each recommendation <Mez_> [25]http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0349.html Tyler: and to help design the test ... will people who bring up topics be the champion for those topics? ... create a template for what the proposal should look like ... section on what usecases it addresses ... need more input on the template from everyone else Mez: would like to hear from people who contribute to lightning discussions ... willing to do so for my lightning topics DanSchutzer: willing to do so as well Mez: mike, yngve... does this work? McCormick: will a template be provided? Mez: you can do it in two stages ... tyler can speak to when a template will be available tyler: written up a usual... ... we develop a template together ... I could do it or we solicit feedback first DanSchutzer: I'd be willing to do it.. ... can we have a straw-man template <scribe> ACTION: Tyler to create straw-man template for recommendations [ - due 2007-05-11 ] [recorded in [26]http://www.w3.org/2007/05/02-wsc-minutes.html#action07] <trackbot> Created ACTION-212 - create straw-man template for recommendations [ [on Tyler Close - due 2007-05-02]. Mez: earlier would be better if possible Tyler: can I get feedback on other proposals outlined in email? Mez: do we have an easy list to refer to? Tyler: they're all listed in the note Mez: 10.1 and 10.2 <Mez_> [27]http://www.w3.org/2006/WSC/drafts/note/#usability-principles Tyler: yes... list of usability principles... should be based on this Mez: I like the idea... anyone else? Tyler: section that lists security information ... having a section of each recommendation referring to this would be helpful Mez: need a regular way for referring to these Tyler: anyone else have suggestions on sections for the recommendation? Mez: looking at the note... wondering if robustness proposals will have a different set Tyler: most of those would reference usability principles Mez: a good first pass for template ... can imagine other references... ... presentation ... not sure they should be part of the template Tyler: each section should list goals of the group it meets ... 4 hypothetical section for the template ... what do you need to read for recommendation? *crickets chirping* <tjh> thanks Mez: you covered much of it... ... what kind of testing we do on each of these ... how do we get from a cluster of proposals to implementation and testing ... anyone have ideas on how they will be involved? ... think about how you might be involved and how we make that transition ... will bring it up in email Tyler: at the last f2f, staikos talked about a scriptable browser implementaiton ... for testing <rachna> We should start with lo-fidelity testing to determine the set of proposals that can be implemented in hi fidelity prototypes and tested formally. <staikos> (following along... sorry but it's just not ready enough yet - I got side tracked with work and couldn't finish the last 5%) tyler: what do you need in a proposal? ... for lo fidelity testing rachna: can be done at any stage of the prototype... <Mez_> staikos, what will you need from a proposal to figure out if it can be implemented in the prototyping framework you're proposing use of? rachna: need to specify the feature ... person who proposes it may need to propose how to test it <staikos> just a detailed list of features. basically there is -nothing- there rachna: specify how or what to test each proposal ... need to be specific to make the prototype easier ... prototyping is a way to do design ... getting feedback on implementation maritza: may need to have alternatives for testing racha: may need to different variations on each proposal Tyler: does your testing line up with our lightning discussions rachna: some does.. tyring to differentiate whats in-scope and whats not Tyler: are logotypes in scope Mez: hasn't made a statement regarding them ... will try to identify when something is out of scope Tyler: there is already a published rfc on logotypes ... sounds like they are fully-specified ... what sort of role do you (rachna) envision playing in the proposals? ... or focus more on testing? rachna: can make proposals and can do testing Tyler: any lightning proposals that you would like to write up for dublin? rachna: yes <serge> I need to get to another meeting. <Mez_> so shawn, it's to put a lightening proposal in the wiki based on her current work <Mez_> as the action <Mez_> by may 11 <scribe> ACTION: rachna to write a lightning proposal in the wiki based on her work [ - due 2007-05-11 ] [recorded in [28]http://www.w3.org/2007/05/02-wsc-minutes.html#action08] <trackbot> Sorry, amibiguous username (more than one match) - rachna <trackbot> Try using a different identifier, such as family name or username (eg. rdhamija2, rdhamija) <scribe> ACTION: rdhamija2 to write a lightning proposal in the wiki based on her work [ - due 2007-05-11 ] [recorded in [29]http://www.w3.org/2007/05/02-wsc-minutes.html#action09] <trackbot> Created ACTION-213 - write a lightning proposal in the wiki based on her work [ [on Rachna Dhamija - due 2007-05-02]. Mez: next week we're off ... will send a reminder ... thomas will be chairing next meeting on 16th Summary of Action Items [NEW] ACTION: McCormick to encapsulate error and anti-pattern info to wiki [ - due 2007-05-16 ] [recorded in [30]http://www.w3.org/2007/05/02-wsc-minutes.html#action05] [NEW] ACTION: McCormick to update favicons in wiki [ - due 2007-05-16 ] [recorded in [31]http://www.w3.org/2007/05/02-wsc-minutes.html#action03] [NEW] ACTION: Michael to update favicons in Wiki [recorded in [32]http://www.w3.org/2007/05/02-wsc-minutes.html#action01] [NEW] ACTION: Mike_McCormick to update favicon in wiki [ - due 2007-05-16 ] [recorded in [33]http://www.w3.org/2007/05/02-wsc-minutes.html#action02] [NEW] ACTION: rachna to write a lightning proposal in the wiki based on her work [ - due 2007-05-11 ] [recorded in [34]http://www.w3.org/2007/05/02-wsc-minutes.html#action08] [NEW] ACTION: rdhamija2 to write a lightning proposal in the wiki based on her work [ - due 2007-05-11 ] [recorded in [35]http://www.w3.org/2007/05/02-wsc-minutes.html#action09] [NEW] ACTION: staikos to add robustness info to wiki that may turn into recommendation [ - due 2007-05-30 ] [recorded in [36]http://www.w3.org/2007/05/02-wsc-minutes.html#action06] [NEW] ACTION: Tyler to create straw-man template for recommendations [ - due 2007-05-11 ] [recorded in [37]http://www.w3.org/2007/05/02-wsc-minutes.html#action07] [NEW] ACTION: yngve to update wiki with recommendation on mixed content [ - due 2007-05-16 ] [recorded in [38]http://www.w3.org/2007/05/02-wsc-minutes.html#action04] [End of minutes] _________________________________________________________________ Minutes formatted by David Booth's [39]scribe.perl version 1.128 ([40]CVS log) $Date: 2007/05/16 21:13:02 $ References 1. http://www.w3.org/ 2. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html 3. http://www.w3.org/2007/05/02-wsc-irc 4. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#agenda 5. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item01 6. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item02 7. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item03 8. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item04 9. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item05 10. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item06 11. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#item07 12. file://localhost/home/roessler/W3C/WWW/2007/05/02-wsc-minutes.html#ActionSummary 13. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0356.html 14. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0256.html 15. http://www.w3.org/2007/05/02-wsc-minutes.html#action01 16. http://www.w3.org/2007/05/02-wsc-minutes.html#action02 17. http://www.w3.org/2007/05/02-wsc-minutes.html#action03 18. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html- 19. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0285.html 20. http://www.w3.org/2007/05/02-wsc-minutes.html#action04 21. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0289.html 22. http://www.w3.org/2007/05/02-wsc-minutes.html#action05 23. http://www.w3.org/2006/WSC/wiki/NoteKDECurrentPractice 24. http://www.w3.org/2007/05/02-wsc-minutes.html#action06 25. http://lists.w3.org/Archives/Public/public-wsc-wg/2007Apr/0349.html 26. http://www.w3.org/2007/05/02-wsc-minutes.html#action07 27. http://www.w3.org/2006/WSC/drafts/note/#usability-principles 28. http://www.w3.org/2007/05/02-wsc-minutes.html#action08 29. http://www.w3.org/2007/05/02-wsc-minutes.html#action09 30. http://www.w3.org/2007/05/02-wsc-minutes.html#action05 31. http://www.w3.org/2007/05/02-wsc-minutes.html#action03 32. http://www.w3.org/2007/05/02-wsc-minutes.html#action01 33. http://www.w3.org/2007/05/02-wsc-minutes.html#action02 34. http://www.w3.org/2007/05/02-wsc-minutes.html#action08 35. http://www.w3.org/2007/05/02-wsc-minutes.html#action09 36. http://www.w3.org/2007/05/02-wsc-minutes.html#action06 37. http://www.w3.org/2007/05/02-wsc-minutes.html#action07 38. http://www.w3.org/2007/05/02-wsc-minutes.html#action04 39. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm 40. http://dev.w3.org/cvsweb/2002/scribe/
Received on Thursday, 17 May 2007 23:21:18 UTC