- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 27 Feb 2008 18:43:57 +0100
- To: WSC WG <public-wsc-wg@w3.org>
Minutes from our meeting on 2008-02-20 were approved and are
available online here:
http://www.w3.org/2008/02/20-wsc-minutes.html
A text version is included below the .signature.
(This version has the change that was agreed today. ;-)
--
Thomas Roessler, W3C <tlr@w3.org>
[1]W3C
WSC WG weekly
20 Feb 2008
[2]Agenda
See also: [3]IRC log
Attendees
Present
Mary Ellen Zurko, Phillip Hallam-Baker, Ian Fette, Jan Vidar
Krey, Bill Doyle, Maritza Johnson, Tyler Close, Rachna Dhamija,
Yngve Pettersen, Anil Saldhana, Johnathan Nightingale, Stephen
Farrell
Regrets
Thomas Roessler, Dan Schutzer, Hal Lockhart, Tim Hahn, Serge
Egelman
Chair
Mary Ellen Zurko
Scribe
Stephen Farrell
Contents
* [4]Topics
1. [5]Approve mintues from meetings
2. [6]Weekly completed action items
3. [7]Open Action Items
4. [8]Action items closed due to inactivity
5. [9]Agenda bash
6. [10]use cases to Note
7. [11]audio-logotypes
8. [12]section 10.1
9. [13]10.2 safe-browsing mode
10. [14]Low-fi prototype
* [15]Summary of Action Items
__________________________________________________________________
Approve mintues from meetings
[16]http://www.w3.org/2008/02/05-wsc-minutes.html
[17]http://www.w3.org/2008/02/06-wsc-minutes.html
[18]http://www.w3.org/2008/02/13-wsc-minutes.html
mez: no issues, minutes approved
Weekly completed action items
mez: Phill, Yngve & Tim did things
Open Action Items
[19]http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0028.html
Action items closed due to inactivity
343 is a dead horse
Agenda bash
<tyler> Can we send the use cases to Note?
mex: good addition to agenda
mez: adding "use cases to Note" to top of agenda
... otherwise as is
... agenda will roll over to next week as needed
... bashed
use cases to Note
mez: tyler - any open issues remaining?
tyler: no other than the one below from Tim
mez: did tim say it was ok on list?
<Mez>
[20]http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0004.html
mez: yes he's ok
tyler: other thing is accessibility feedback
... tyler folded 'em in but hasn't heard back
mez: got a link?
tyler: changes to table @ start of use cases
<Mez> [21]http://www.w3.org/2006/WSC/drafts/note/
<tyler> [22]http://www.w3.org/2006/WSC/drafts/note/#scenarios
tyler: table formatting now better for screen readers (e.g. comma sep
in cells)
mez: all looks splendid
... resolution - take uses cases to Note - any discussion?
... none
... so that's resolved
RESOLUTION: take uses cases to Note
mez: thanks tyler (tumultuous applause)
audio-logotypes
<Mez>
[23]http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#audio-logotype-p
ractices
mez: did Tim send a proposed update (checking)
<Mez>
[24]http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0021.html
<Mez> Specifically, audio logotypes SHOULD NOT include spoken text.
Audio
<Mez> logotypes MAY include short musical phrases. When a user agent
will both
<Mez> display visual logotype information as well as emit/play audio
logotype
<Mez> information, the user agent MUST ensure that the display/play of
these two
<Mez> forms are time-synchronized so that the start times of their
display/play
<Mez> coincides visibly and audibly.
mez: any issues on 9.6 going to LC in June?
ifette: wants to open an issue, wrt spoken name of company
... hopefully not contentious, but still TBD
mez: thing was that audio logotypes should be short (not too much
spoken text)
... does that ring an (audio) bell?
... bill, was that you?
bill: have to go back to notes
mez: let's do that
ifette: wants to propose that singing name and phone number (e.g. from
jingle) that should be ok
... not sure if we're constraining by #seconds (e.g. 1, 5 seconds)
... there was an issue with a 2nd audio-logotype
... more an annoyance issue rather than security
mez: its a SHOULD NOT not MUST NOT
ifette: maybe add an example and some MAY text for non-compliance with
SHOULD NOT
... audio-logotypes are rare so odd to constrain now
+1 on that last from stephenF
mez: we're getting expertise from <somewhere>
bill: for us the binding is the thing, isn't it?
mez: not sure, security overlap with usability is in scope for us
<Mez> [25]http://www.w3.org/2007/11/05-wsc-minutes.html
<Mez> [26]http://www.w3.org/2007/11/05-wsc-minutes.html#item07
mez: accessibility folks like music but not chatting here
... we should go back to tlr and janina and ask
<ifette> :-)
mez: back to 9.6, anything else?
... nothing, so looks like 9.6 stuff can go to LC in June
section 10.1
<Mez>
[27]http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#usage-modes
mez: on 10.1 now...formerly browser lock-down
<Mez> Web user agents that implement optional features of this
specification MUST support the configuration of different [Definition:
usage modes ] which determine which of thse optional features are
active. A usage mode MAY cover other configuration settings of a Web
user agent. A user agent SHOULD allow users to view details of why a
request to perform a Web transaction was denied if this decision was
based on the currently-active usage mode.
ifette: other than safe browsing mode, we have no other configurations
now
... was there a kiosk use-case (restricting showing thing then)
... has major concerns about 10.2, so unsure about 10.1 'till 10.2 is
ok (in terms of going to LC)
mez: is 10.1 only useful if something in 10.2 is ready for LC in June,
let's look...
... are there a number of optional features
ifette: says you MUST support different configurations which is odd if
we only have 1
<Mez> Implementations MAY make user interfaces available for the
purpose of designating AA-qualified trust roots.
ifette: SBM was a very different configuration, a huge change, as was
kiosk-mode
... creating a different usage-mode for a small difference seems wrong
... if we (later) add shockingly different modes we'll do something
rather shocking
maritzaj: is this more about how to configure preferences?
<Zakim> stephenF, you wanted to say that 10.1 would be a bad place to
have a MUST about a MAY in x.y where x!=10
<Zakim> johnath, you wanted to come back to something ian was saying
from a different angle - do we need 10.1 at all?
jonath: is 10.1 useful with only 1 known use?
jonath: can we just move on to modes we care about and let 10.1 fall
<ifette> +1 for falling
mez: looks like 10.1 could be put aside & revisited if 10.2 survives or
other examples come
... up that make it into June LC
maritzaj: section still v. abstract so probably not ready
mez: seems like consensus that 10.1 isn't ready
10.2 safe-browsing mode
<Mez> [28]http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#usage-sbm
<Mez> Web user agents SHOULD support a [Definition: Safe Browsing Mode
] as one usage mode. Users SHOULD NOT be able to change the settings of
this usage mode. This usage mode MUST be made available through an
interaction based on a Secure Attention Sequence.
<Mez> In this usage mode, interactions MUST be limited to a usage-mode
specific set of sites.
<Mez> Web user agents MUST require all Web transactions in this usage
mode to be strongly TLS protected. Use of self-signed certificates MUST
be considered cause for a change of security level.
<Mez> The optional technique 6.4.2 Handling certain man in the middle
attacks MUST NOT be used.
<Mez> For Web user agents with a visual user interface, Safe Browsing
Mode SHOULD be visually distinguishable from other usage modes.
<Zakim> ifette, you wanted to kill 10.2
ifette: +1 to zakim
... problems with implementation details and usability
... implemenation details: is this a whitelist or cert. exts ?
... both problematic
<Mez> for other recommendations, we've been OK about saying something
happens out of band, but we've had at least one example that we thought
was not problematic
ifette: seems v. far out
... on usability: we're relying on people switching modes which seems
like a big assumption
... can't imagine his mom will do that (or care)
<Zakim> stephenF, you wanted to ask if user's can't change settings,
who can?
phb:
... wants to distinguish this from the mechanism (e.g. logotypes)
... SBM might be a good idea, but is an R&D project
... if it were a strict subset of normal features (e.g. no Javascript,
funky html...)
... then maybe, but that's not defined and there's no prospect of us
getting there now
... would be good if there was a SBM but maybe has to be in OS/Bios
... would not want online banking in SBM, at most only some parts (e.g.
login, add payee, ...)
... same with shopping, only want checkout experience in SBM
... the wider the perimeter the less it can be secured
... so dump this section at this point
mez: sounds like nothing in section 10 is ready for LC in June
mez: agreed on the call that section 10 isn't ready for LC in June
anil: should there be a checkpoint in browser to last "safe" point
mez: got a fleshed out proposal?
anil: nope
mez: not sure how that'd work but maybe you (anil) do?
<Zakim> ifette, you wanted to say problematic idea
ifette: what checkpoint? general browser state is complex (versioning
etc.)
... if security settings, scope would be ok, but not clear that users'
would
... be able to bookmark their security settings (esp. less pointy
headed users)
... so what'd we be checkpionting & what benefit?
yngve: +1 to ifette, difficult to say what can/should be checkpointed
Low-fi prototype of security confidence estimate
mez: found a surprising level of support @ f2f consider earlier
objections
... but thinks we agreed (maybe not all) that to go fwd we need some
... prototyping
<maritzaj> (i think the defn we came to at the f2f differs
significantly from the originally proposed idea)
mez: so can we prototype what such an estimate might be?
... does someone want to lead this now, or better for next week? (with
... suitable prep. & right folks)
bill: support was to do prototyping rather than to include?
mez: people like the idea but not what we have so far
ifette: we need >1 prototypes, one isn't enough
... so we can say we prefer different elements (e.g. a binary and a
multi-level one)
... will scream if no 0's and 1's
maritzaj: original defn different from strawpoll options...
<rachna> yes
maritzaj: some confusion existed @ strawpoll
... would a binary ssl/no-ssl be a page security score or not?
ifette: thinks that binary indicator qualifies and scarily seems to him
to bring
... no benefit
... stuff that user should care about other than ssl is stuff we can't
access
... e.g. how secure is back-end, is CC# being stored well, etc. all
stuff
... we know nothing about UA
marzitaj: (scribe didn't hear that, sorry)
ifette: PSS can't say transaction is safe
<maritzaj> ian's concern with a binary indicator is inline with one of
the current problems with the ssl-lock, a user wants to know what page
they're on and the information the lock gives doesn't answer the
question even if they know to look for it in the right place
mez: what should we do to prepare for next week (rachna)
<Zakim> stephenF, you wanted to ask if binary estimate == padlock & if
so UAs already more-or-less conform?
jonath: not clear that padlock does represent a "best" practice
... thinks maybe the need is for a synthesis of various settings, seems
odd to reduce
... that to ssl
mez: seems problems, but wants us to have a p-o-v on current (padlock)
practice
<johnath> I'm all for binary as an approach, but reducing the score to
a single testvalue is the thing I find hard to defend
ifette: not chair's fault, problem is it all does reduce to ssl-like
stuff
... even dnssec etc. all properties of the connection and not site
... since info we need is info we don't have
<Mez> fair enough; it's time for us to figure out if there's any set of
test values we can get behind, at LC level by June, as a communication
of something around something security (other than identity, which is
covered elsewhere)
yngve: almost impossible to get info about site in any case...
<Mez> or those trust mark things
yngve: only ones can say are vendors/hosters etc.
<ifette> Can we spare rachna some work and kill it now?
mez: so rachna, what should we do before next week?
rachna: purpose of prototyping is to get more data so as to answer
questions
... e.g. would padlock vs. percent vs. colours be perceived as
different
... hard to talk about these without specific proposals for page
security
... confidence
mez: hard to do on the phone, but to give it a fair whack, anyone who
... wants to put out proposals/sketches for next week, then go ahead
<maritzaj> and if you saw my email with a lo-fi prototype ... you know
how easy it is
mez: if nothing turns up, then we're down to discussing the padlock
<Zakim> ifette, you wanted to add additional issues for this over the
next week
<Mez> no, a proposal at this point is
<Mez> 1) the proposal
<Mez> 2) the algorithm
<Mez> 3) a picture of an example
<Mez> 4) (optional) what benefit? what's the point, what do you want
the users to understand
ifette: do you mean proposals for how this will be displayed? his
fundamental issue isn't with display but with information to be
displayed (garbage in, garbage out proble)
rachna: could be that we recommend that no indicators are useful and so
none
... should be displayed
mez: people who want to put in effort in the meantime are free to do
... that, those that don't want to are similarly free
... proposals can be put on wiki
(discussion of wiki access)
mez: proposals should include 2119 language for the algorithm and a
picture
rachna: and questions you want to answer?
mez: we've asked that before and gotten little
mez: anything else? nothing, so bye-bye all
... next week is padlock week
Summary of Action Items
[End of minutes]
__________________________________________________________________
Minutes formatted by David Booth's [29]scribe.perl version 1.128
([30]CVS log)
$Date: 2008/02/27 17:43:01 $
References
1. http://www.w3.org/
2. http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0042.html
3. http://www.w3.org/2008/02/20-wsc-irc
4. http://www.w3.org/2008/02/20-wsc-minutes.html#agenda
5. http://www.w3.org/2008/02/20-wsc-minutes.html#item02
6. http://www.w3.org/2008/02/20-wsc-minutes.html#item03
7. http://www.w3.org/2008/02/20-wsc-minutes.html#item04
8. http://www.w3.org/2008/02/20-wsc-minutes.html#item05
9. http://www.w3.org/2008/02/20-wsc-minutes.html#item06
10. http://www.w3.org/2008/02/20-wsc-minutes.html#item07
11. http://www.w3.org/2008/02/20-wsc-minutes.html#item09
12. http://www.w3.org/2008/02/20-wsc-minutes.html#item10
13. http://www.w3.org/2008/02/20-wsc-minutes.html#item11
14. http://www.w3.org/2008/02/20-wsc-minutes.html#Low-fi
15. http://www.w3.org/2008/02/20-wsc-minutes.html#ActionSummary
16. http://www.w3.org/2008/02/05-wsc-minutes.html
17. http://www.w3.org/2008/02/06-wsc-minutes.html
18. http://www.w3.org/2008/02/13-wsc-minutes.html
19. http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0028.html
20. http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0004.html
21. http://www.w3.org/2006/WSC/drafts/note/
22. http://www.w3.org/2006/WSC/drafts/note/#scenarios
23. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#audio-logotype-practices
24. http://lists.w3.org/Archives/Public/public-wsc-wg/2008Feb/0021.html
25. http://www.w3.org/2007/11/05-wsc-minutes.html
26. http://www.w3.org/2007/11/05-wsc-minutes.html#item07
27. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#usage-modes
28. http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#usage-sbm
29. http://dev.w3.org/cvsweb/~checkout~/2002/scribe/scribedoc.htm
30. http://dev.w3.org/cvsweb/2002/scribe/
--
Thomas Roessler, W3C <tlr@w3.org>
Received on Wednesday, 27 February 2008 17:44:14 UTC