- From: Serge Egelman <egelman@cs.cmu.edu>
- Date: Tue, 09 Oct 2007 20:59:33 -0400
- To: Ian Fette <ifette@google.com>
- CC: "Close, Tyler J." <tyler.close@hp.com>, public-wsc-wg@w3.org
Wait, are you saying that this new use case might overlap with an
existing one?
serge
Ian Fette wrote:
> I wonder if it doesn't fit with Installing? I.e. the Vicki use case
> ("Vicki is interested in finding out more about art auctions in the
> greater Boston area. She engages a search engine and tries to follow a
> link there. Her web browser consults a reputation service which has
> recorded that the link target will attempt to subvert the browser and
> install malicious software.") is listed as identified source,
> unidentified destination, installing. To me, the new use case seems like
> identified source, identified destination (she goes to that site often),
> installing.
>
> Although, to be honest, if someone disagrees it really doesn't matter to
> me how it gets classified... it just seems to me that it's most similar
> to the vicki case.
>
> -Ian
>
> On 10/9/07, *Close, Tyler J.* <tyler.close@hp.com
> <mailto:tyler.close@hp.com>> wrote:
>
> This use case is now at:
>
> http://www.w3.org/2006/WSC/drafts/note/#any-iio-1
> <http://www.w3.org/2006/WSC/drafts/note/#any-iio-1>
>
> It doesn't fit into our current categorization of
> Believing/Providing/Installing, since there is no user interaction,
> so I've just marked it "No interaction" and left it out of the
> category table.
>
> --Tyler
>
> ------------------------------------------------------------------------
> *From:* public-wsc-wg-request@w3.org
> <mailto:public-wsc-wg-request@w3.org>
> [mailto:public-wsc-wg-request@w3.org
> <mailto:public-wsc-wg-request@w3.org>] *On Behalf Of *Mary Ellen
> Zurko
> *Sent:* Friday, September 28, 2007 8:49 AM
> *To:* public-wsc-wg@w3.org <mailto:public-wsc-wg@w3.org>
> *Subject:* ISSUE-101 Create "visiting known site that is now
> malware" use case as per ACTION-275
>
>
> After much discussion, and great work on the part of all
> participants to craft the most acceptable proposal, we are
> resolving this issue according to the results of the poll.
>
> The final proposal for the use case is:
>
> Betty tries to connect to a web site at
> <_http://www.example.com/>._ <http://www.example.com/%3E.>She
> visits this site frequently to read various news and articles.
> Since her last visit, the site example.com <http://example.com>
> has been compromised by some method, and visitors are now being
> infected with malware. At the time of the current request,
> Betty's user agent now has information saying that example.com
> <http://example.com> is a known bad site. What interaction, if
> any, should occur?
>
> The poll results are:
>
> Accept: 7
> (ian f, anil s, thomas r, johnathan n, dan s, audian p, phill h-b)
>
> Abstain: 3
> (jan vidar k, cristian s, rachna d)
>
> Against:: 2
> (tyler c, serge e)
>
>
> Absent a material error in the count, I declare concensus on
> this issue. The editors will add the use case to wsc-usecases,
> and add Ian Fette to acknowlegements.
>
>
> On a related note, I am sorry I was not around to give direct
> feedback to people when the discussion tone occasionally slipped
> out of the totally professional and respectful. I know everyone
> is capable of engaged and even handed discussion, even when they
> totally disagree with others, and that an occasional personal
> and private reminder can go a long way towards halting any slips
> that might occur.
>
>
>
--
/*
Serge Egelman
PhD Candidate
Vice President for External Affairs, Graduate Student Assembly
Carnegie Mellon University
Legislative Concerns Chair
National Association of Graduate-Professional Students
*/
Received on Wednesday, 10 October 2007 01:00:15 UTC