- From: Timothy Hahn <hahnt@us.ibm.com>
- Date: Tue, 19 Feb 2008 22:38:30 -0500
- To: W3C WSC Public <public-wsc-wg@w3.org>
- Message-ID: <OF3293FEEA.57DA14D8-ON852573F5.0012DD4C-852573F5.0013F522@us.ibm.com>
Jonathan,
Sounds good. I think for the normative text we should be as explicit as
possible.
Proposed text:
The requirements in this section do not require user agents to store
information about past interactions longer than they otherwise would.
Historical TLS information stored for the purposes of evaluating
changes of security level MAY be expunged from the user agent on the
same schedule as other browsing history information. Historical TLS
information MUST NOT be expunged prior to other browsing history
information. For purposes of this requirement, browsing history information
includes visit logs, bookmarks, and information stored in a user agent
cache.
The one thing I added above (within the blue text) is that I also noted
cache contents in addition to visit logs and bookmarks.
Regards,
Tim Hahn
IBM Distinguished Engineer
Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Durham/IBM@IBMUS
phone: 919.224.1565 tie-line: 8/687.1565
fax: 919.224.2530
From: Johnathan Nightingale <johnath@mozilla.com>
To: Timothy Hahn/Durham/IBM@IBMUS
Cc: W3C WSC Public <public-wsc-wg@w3.org>
Date: 02/19/2008 10:48 AM
Subject: Re: ACTION-376: Rewrite 5.5.3 to be more explicit about history tracking
Hey Tim,
I agree with you here, and it was my thinking as well, that bookmarks
should persist that information. I guess in a lawyerish reading, you
could argue it was already implied by the current text but I see no reason
not to make it explicit. How about:
The requirements in this section do not require user agents to store
information about past interactions longer than they otherwise would.
Historical TLS information stored for the purposes of evaluating
changes of security level MAY be expunged from the user agent on the
same schedule as other browsing history information (e.g. visit logs,
bookmarks). Historical TLS
information MUST NOT be expunged prior to other browsing history
information.
I don't know if a parenthetical (e.g.) is considered appropriate for
normative text, but really I think we just want to cue implementors here.
If you would favour something more direct ("For the purposes of this
requirement, browsing history includes..."), I think I'd be fine with any
alternate text you suggested along those lines as well.
Cheers,
Johnathan
On 18-Feb-08, at 8:00 AM, Timothy Hahn wrote:
Jonathan,
I agree with the intent of the changes/addition (that user agents not be
required to hold historical TLS information indefinitely).
Does the reference to "other browsing history information" cover whatever
is bookmarked? My opinion is that for purposes of the added paragraph
below, it should. Thus, historical TLS information related to a
bookmarked item SHOULD NOT be expunged from a user agent before the
bookmark itself is removed.
Regards,
Tim Hahn
IBM Distinguished Engineer
Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Durham/IBM@IBMUS
phone: 919.224.1565 tie-line: 8/687.1565
fax: 919.224.2530
From: Johnathan Nightingale <johnath@mozilla.com>
To: W3C WSC Public <public-wsc-wg@w3.org>
Date: 02/15/2008 04:52 PM
Subject: ACTION-376: Rewrite 5.5.3 to be more explicit about history tracking
The current normative text in section 5.5.3 reads:
> Web user agents that have found a resource strongly TLS protected
> during past interactions MUST consider an interaction with the same
> resource as a change of security level if that interaction is not
> strongly TLS protected. Web user agents that have found a resource
> strongly TLS protected with an Augmented Assurance Certificate
> SHOULD consider an interaction with the same resource as a change of
> security level if that interaction is not strongly TLS protected
> with an Augmented Assurance Certificate.
The concern I raised was that this seems to imply an obligation on
user agents to store certificate history for an indeterminate period
of time, and potentially independent of any privacy settings the agent
might otherwise support. For the purposes of addressing this concern,
I think the text that is there is basically fine, but just needs to be
elaborated on. We want to say that we're not forcing the user agent
to store this indefinitely, just that they keep it around *at least as
long* as other history information.
I propose adding a new paragraph:
The requirements in this section do not require user agents to store
information about past interactions longer than they otherwise would.
Historical TLS information stored for the purposes of evaluating
changes of security level MAY be expunged from the user agent on the
same schedule as other browsing history information. Historical TLS
information MUST NOT be expunged prior to other browsing history
information.
I believe this completes ACTION-376.
Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
johnath@mozilla.com
---
Johnathan Nightingale
Human Shield
johnath@mozilla.com
Received on Wednesday, 20 February 2008 03:38:47 UTC
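Editor's note: the following is an added illustration of the behaviour the thread is negotiating, not code from the WSC working group, from any browser, or from either correspondent. It is a small Python model of a user agent's history store in which the historical TLS information from 5.5.3 is kept per origin, a downgrade from a previously observed level is reported as a change of security level (with the MUST/SHOULD distinction from the quoted normative text), and TLS records are expunged only once no other browsing history information (visit log, bookmark, or cache entry, per Tim's proposed wording) still refers to the origin. The class and method names, the three-valued `Level` ordering, the choice to remember the strongest level ever seen for an origin, and the integer timestamps are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Dict, Optional, Set, Tuple


class Level(IntEnum):
    """Security level of one interaction, ordered so comparisons and max() work.
    Assumed modelling choice, not a spec enumeration."""
    NONE = 0        # not strongly TLS protected (plain HTTP, or TLS the agent rates weak)
    STRONG_TLS = 1  # strongly TLS protected
    AA_TLS = 2      # strongly TLS protected with an Augmented Assurance Certificate


@dataclass
class HistoryStore:
    """Toy model (assumed design, not from the spec or any browser) of a user agent's
    browsing history plus the historical TLS information that 5.5.3 relies on.
    Origins are plain strings; times are integers."""
    visits: Dict[str, int] = field(default_factory=dict)         # visit log: origin -> last visit time
    bookmarks: Set[str] = field(default_factory=set)             # bookmarked origins
    cache: Set[str] = field(default_factory=set)                 # origins with cached responses
    tls_history: Dict[str, Level] = field(default_factory=dict)  # origin -> strongest level seen so far

    def observe(self, origin: str, level: Level, now: int) -> Tuple[bool, Optional[str]]:
        """Record an interaction and say whether it is a change of security level.

        Returns (changed, strength): 'MUST' when a resource previously found strongly
        TLS protected is now not, 'SHOULD' when a resource previously found protected
        with an AA certificate is now strongly TLS protected without one."""
        previous = self.tls_history.get(origin, Level.NONE)
        self.visits[origin] = now
        self.cache.add(origin)  # simplification: every visit leaves something in the cache
        self.tls_history[origin] = max(previous, level)
        if previous >= Level.STRONG_TLS and level < Level.STRONG_TLS:
            return True, "MUST"
        if previous == Level.AA_TLS and level < Level.AA_TLS:
            return True, "SHOULD"
        return False, None

    def _still_in_history(self, origin: str) -> bool:
        return origin in self.visits or origin in self.bookmarks or origin in self.cache

    def _drop_orphaned_tls(self) -> None:
        """Expunge TLS records only for origins no other history information still names,
        so a TLS record is never removed before the history it belongs to."""
        for origin in list(self.tls_history):
            if not self._still_in_history(origin):
                del self.tls_history[origin]

    def expunge_history(self, older_than: int) -> None:
        """Routine history expiry: drop old visit-log entries (and their cache entries),
        then any TLS record that nothing else keeps alive."""
        for origin in [o for o, t in self.visits.items() if t < older_than]:
            del self.visits[origin]
            self.cache.discard(origin)
        self._drop_orphaned_tls()

    def remove_bookmark(self, origin: str) -> None:
        """Removing a bookmark may let the origin's TLS record go, but only if the visit
        log and cache no longer name it either."""
        self.bookmarks.discard(origin)
        self._drop_orphaned_tls()

    def clear_private_data(self) -> None:
        """'Clear history' privacy control: visit log and cache go, bookmarks stay,
        so TLS information for bookmarked origins stays with them."""
        self.visits.clear()
        self.cache.clear()
        self._drop_orphaned_tls()


if __name__ == "__main__":
    # Constructed walk-through: an AA-protected site later seen over plain TLS, then plain HTTP.
    store = HistoryStore()
    print(store.observe("bank.example", Level.AA_TLS, 1))      # first sighting: no change
    print(store.observe("bank.example", Level.STRONG_TLS, 2))  # AA -> plain strong TLS: SHOULD
    print(store.observe("bank.example", Level.NONE, 3))        # strong TLS -> none: MUST
    store.bookmarks.add("bank.example")
    store.expunge_history(older_than=10)
    print(store.tls_history)  # bank.example survives: its bookmark is still there
```

The point the model makes concrete is the ordering constraint: `expunge_history`, `remove_bookmark` and `clear_private_data` all delete ordinary history first and only then ask whether a TLS record has become orphaned, so the TLS information can be dropped on the same schedule as the rest of history but never ahead of it.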