public-wsc-wg@w3.org from October 2007 by subject

[TLS] security levels for TLS

ACTION-284: Trusted Certs

ACTION-294: Review threat trees draft wrt dns poisoning

ACTION-298: Clarification needed for user intervention requirements in 7.3.1

ACTION-299: Whack-a-mole definition

ACTION-301: Usability review of Identity Signal

ACTION-303: Page scoring usability test

ACTION-307 Propose language based on McCormick's slides

ACTION-312 Provide a first pass of associating wiki links with the FPWD text

ACTION-323 Respond with a proposal on ISSUE-115

Agenda: no call 17 October.

Agenda: WSC WG distributed meeting, Wednesday, 2007-10-10

Agenda: WSC WG distributed meeting, Wednesday, 2007-10-24

Agenda: WSC WG distributed meeting, Wednesday, 2007-10-31

An (almost) real-life TLS MITM

clarifications needed re safe form editor cert matching algorithm

directions for dinner

Editor's draft update: Some actions done, more to follow

IE Favorites Feature May Allow Phishing

Interesting Article on Client Side Attacks

ISSUE-101 Create "visiting known site that is now malware" use case as per ACTION-275

ISSUE-109: Should there be recommendations against favicons? [Techniques]

ISSUE-110: POST triggered via JavaScript [Techniques]

ISSUE-111: Do we need material for login-specific form interactions? [Techniques]

ISSUE-112: Conformance models for usability? [Techniques]

ISSUE-113: Trusted Certificates [Techniques]

ISSUE-114: Self-signed certificate changeover [Techniques]

ISSUE-115: Mixing of security information and content in non-visual environments? [Techniques]

ISSUE-116 (Hal): Should users be able to reconfigure primary chrome? [Techniques]

ISSUE-117 (serge): Eliminating Faulty Recommendations [All]

ISSUE-118: Interaction glossary? [Techniques]

ISSUE-119: no-interaction certs [Techniques]

ISSUE-120: Audio "logotypes" [Techniques]

ISSUE-121: Safe Form Bar certificate matching issues [Techniques]

ISSUE-122: Safe Form Bar: CA practice assumptions [Techniques]

ISSUE-123: Safe Form Bar: HTTP assumptions in "no TLS" section [Techniques]

ISSUE-124: Safe Form Bar: reliable text [Techniques]

ISSUE-125: Safe Form Bar: on screen masking phrased in terms of visual user agents [Techniques]

ISSUE-126: Define "picture-in-picture attack" [Techniques]

ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]

ISSUE-128: Strong / weak algorithms? [Techniques]

ISSUE-129: Should we say anything about scoring techniques? [Techniques]

ISSUE-130 (Trust Anchors): Trust Anchor Consistency Across Devices? [Techniques]

ISSUE-83: Scenario updates (for certain abilities andfunctional limitations)

ISSUE-97: Should logotypes be tied to EV certificates? [Techniques]

Larry Seltzer on browser SSL errors and EV

Meeting record: 2007-10-24

Meeting record: WSC WG f2f 2007-10-02

Meeting record: WSC WG f2f 2007-10-03

Meeting record: WSC WG weekly 2007-10-10

More props Re: ISSUE-83: Scenario updates (for certain abilities andfunctional limitations)

Phishing++

PhishTank Annual Report

PII Editor => Safe Web Form Editor

Please review: Safe Web Form Editor in Editor's Draft

Publication candidate for wsc-threats

Publication candidate for wsc-usecases

Safe bar: really "full-screen rendering"?

Safe Web Browsing

TAG on passwords in the clear at the WSC TPAC meeting

Testability of recommendation

Threat trees - DNS poisoning - luring attack

travel: WSC WG distributed meeting, Wednesday, 2007-10-31

Whys, wherefores, examples (Re: Certificate status checks vs validity period; self-signed certs (Re: Current state of editor's draft / IdentitySignal))

WSC Open Action Items

WSC WG f2f November 2007 Agenda (v 1.0)

WSC WG f2f October 2007 Agenda (v 1.1)

wsc-xit: Please review for publication.

Last message date: Wednesday, 31 October 2007 23:16:03 UTC