- From: Dan Schutzer <dan.schutzer@fstc.org>
- Date: Wed, 31 Oct 2007 05:57:05 -0400
- To: "'Mary Ellen Zurko'" <Mary_Ellen_Zurko@notesdev.ibm.com>, <public-wsc-wg@w3.org>
- Cc: "'Dan Schutzer'" <dan.schutzer@fstc.org>
- Message-ID: <028a01c81ba4$65b275c0$6500a8c0@dschutzer>
I had submitted quite a while ago responses to : [OPEN] ACTION-302: Daniel Schutzer to Create sketches and interaction notes to send to usability testing group - due 2007-10-09 Here it is: Safe Web Browsing Description of operation When a user opens the browser, the first page they see requests them to click on one of two choices: 1. Go into Safe Web Mode (restricted to only trusted websites) 2. Browse the entire Internet When in Safe Mode, the entire browser chrome will be a distinctive different color, such as green. There should be a default color, but it should be adjustable by the user. A button will appear in the chrome that says "Safe Mode, click to return to Full Internet." When not in Safe mode the button, will say "Full Internet Browsing, click to return to Safe Mode" Once selected, the browser will stay in Safe Web Mode until the user either closes down the browser, or clicks on a button in the Chrome that says "return to Full Internet" Anytime a user is at a web site, the user should be able to "add" or "delete" that site from Safe Mode. There should be a button in the chrome that allows this action. To be added to Safe Mode, a site must be qualified. If a site is not qualified to be in placed in Safe Zone, and a user attempts to add this site to Safe Mode, the browser will return a message that says "This web page is not qualified to be viewed in Safe Mode" To be allowed in Safe Zone, a site would have to conform to the requirements specified in the Safe Web Browser Recommendation; namely, the site must be able to be authenticated as a safe site (for example: page must be digitally signed with an appropriate certificate and logo type, which validates the site has undergone appropriate investigation and on-going auditing by an authorized authority, and the sites IP addresses match addresses previously registered and signed by registration agent). When in Safe Mode, besides the web page checking, the browser's security settings will be automatically set to maximum protection. _____ From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Mary Ellen Zurko Sent: Tuesday, October 30, 2007 5:51 PM To: public-wsc-wg@w3.org Subject: WSC Open Action Items 1) Do not let your Action Items go past due. It creates overhead for me, which is time I could spend on the content of the group, instead of trying to figure out what I should do about overdue action items. 2) Complete your Action Item by the Due Date. 3) Make sure to send an email to publis-wsc-wg with the exact ID somewhere in the subject line (upper case, with the "-", for example, ACTION-3) for tracking purposes. 4) Do NOT close it yourself; I'll do that. That's how they get into the agenda, so I can give you props during the meeting. Set the state to "pending review" when you've completed it. 5) If a personal emergency arises so that at the last minute you cannot possibly complete the Action Item by the Due Date, reset the Due Date. It takes only 30 seconds. And decreases my nag overhead. 6) The roof was scarcely visible, The cornice but a mound. Thank you to all of you who do all this without regular personal reminders. [OPEN] ACTION-214: Bill Doyle to solicit commentary on Threat Trees from MITRE INFOSEC community - due 2007-10-20 [OPEN] ACTION-274: Bill Doyle to experiment with lc-comments-tracker and report back - due 2007-10-20 [OPEN] ACTION-284: Phillip Hallam-Baker to suggest fine-tuning of terminology in section 4 - due 2007-10-03 [OPEN] ACTION-293: Tim Hahn to Update Browser Lockdown section per the discussion in this call and the comments on the list. - due 2007-09-21 [OPEN] ACTION-302: Daniel Schutzer to Create sketches and interaction notes to send to usability testing group - due 2007-10-09 [OPEN] ACTION-304: Phillip Hallam-Baker to Produce demo or lo-fi protype of secure letterhead - due 2007-10-09 [OPEN] ACTION-305: Tim Hahn to Get back to maritzaj on what questions he has, or any lack thereof - due 2007-10-09 [OPEN] ACTION-317: Thomas Roessler to Note the open discussion about how PII notions of cert-handling fold into the rest of the document, particularly around self-signed certs and KCM - due 2007-11-30 [OPEN] ACTION-318: Thomas Roessler to Draft a new subsection to section 7 discussing the mixing of trusted/untrusted information in the UI - due 2007-11-30 [OPEN] ACTION-320: Thomas Roessler to Add authoring BP re HTTPS -> HTTP submits (issue-107) - due 2007-11-30 [OPEN] ACTION-321: Bill Doyle to to look for cyphersuite strength standard that we can reference - due 2007-10-31
Received on Wednesday, 31 October 2007 09:57:26 UTC