Re: ISSUE-132: Update Section 10.1 of wsc-xit with information from updated browser lock down wiki page

Yes, but then they call up their help desk / ISP / son / whomever, and
are asked "Is HTTPS over SOCKS checked or unchecked" and they say "I
don't see where that option is...".

I really don't see why the user should ever be prevented from at least
viewing the settings.

On Nov 26, 2007 9:16 AM, Dan Schutzer <dan.schutzer@fstc.org> wrote:
>
>
>
>
> I would agree that a user should always be able to view and modify
> security-related configuration settings, but that if a user agent does their
> job correctly, it should not be necessary, especially for the user who would
> have trouble understanding the kind of detailed security configuration
> settings that one sees today in the Security tab
>
>
>
>  ________________________________
>
>
> From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On
> Behalf Of Mary Ellen Zurko
>  Sent: Monday, November 26, 2007 11:36 AM
>  To: Web Security Context Working Group WG
>  Subject: Re: ISSUE-132: Update Section 10.1 of wsc-xit with information
> from updated browser lock down wiki page
>
>
>
>
>
>  "A user agent MUST support a mode of operation whereby the user is unable
> to view or modify the security-related configuration settings. "
>
>  It seems wrong to me that there is a mode where the user is unable to view
> the security related configuration settings. In every context I've ever been
> in, having some ability to get to more information if helpful.
>
>  I would remove the "view or" part of this, unless I'm missing something.

Received on Monday, 26 November 2007 17:40:34 UTC