Thursday, 31 January 2008
- ยป Even SSL Gmail can get sidejacked | Zero Day | ZDNet.com
- Re: ACTION-380: Text for ISSUE-131
- Re: ACTION-380: Text for ISSUE-131
- ACTION-381: ISSUE-130 (consistent across devices) done
- ACTION-380: Text for ISSUE-131
Wednesday, 30 January 2008
- Please review ACTION-367 results
- Re: Agenda: WSC WG weekly 2008-01-30
- ACTION-360: Mez's editorial nits; petnames in identity signal?
Tuesday, 29 January 2008
- RE: Agenda: WSC WG weekly 2008-01-30
- weekly call on 30 January
- Re: Agenda: WSC WG weekly 2008-01-30
- Agenda: WSC WG weekly 2008-01-30
- Regrets for Jan-30 call
Saturday, 26 January 2008
- Re: ACTION-334: Propose language on Bookmarks API
- ACTION-334: Propose language on Bookmarks API
- Re: IE Favorites Feature May Allow Phishing
Friday, 25 January 2008
Thursday, 24 January 2008
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: Troubles with KCM
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: Troubles with KCM
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
Wednesday, 23 January 2008
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: Troubles with KCM
- Meeting record: WSC WG weekly 2008-01-16
- ACTION-377: Hook for UIs in seciton 7.8
- RE: ACTION-374 - proposed re-written text for 6.3, Page Security Score
- ACTION-374 - proposed re-written text for 6.3, Page Security Score
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23
- RE: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23
- How to write a good issue
- Troubles with KCM
Tuesday, 22 January 2008
Monday, 21 January 2008
Friday, 18 January 2008
- call for demos for the f2f
- wsc-xit next steps
- WSC Open Action Items
- Re: ACTION-336 OPEN Propose material for ISSUE-106 Stephen Farrell 2007-12-21
- Re: Form editor question
- Re: Form editor question
- Re: ACTION-356: picture-in-picture attacks
- Form editor question
Thursday, 17 January 2008
- Re: ACTION-356: picture-in-picture attacks
- Re: ACTION-372: Proposed replacement for 7.6
- Re: ACTION-372: Proposed replacement for 7.6
- Re: ACTION-369: webarch implications of 7.2
- ISSUE-181: Should there be an authoring practice suggesting http/https URI space consistency [wsc-xit]
- Re: ACTION-369: webarch implications of 7.2
- ACTION-369: webarch implications of 7.2
- ACTION-356: picture-in-picture attacks
- ACTION-317: Different notions of KCM in different parts of the document
- ACTION-372: Proposed replacement for 7.6
- ACTION-357: less conspicuous hovering effects
Wednesday, 16 January 2008
- Re: ACTION-344, ISSUE-120: Proposed normative material on audio logotypes
- Meeting record: WSC WG weekly 2008-01-09
- WSC WG distributed meeting, Wednesday, 2008-01-16
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-16
- Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-16
Tuesday, 15 January 2008
Monday, 14 January 2008
- RE: Is the padlock a page security score?
- ISSUE-180 (wsc-xit spelling mistakes ): wsc-xit spelling mistakes (public comment) [wsc-xit]
- RE: Is the padlock a page security score?
- ISSUE-179 (wsc-xit comment section 10.2.3): general comment section 10.2.3 (public comment) [wsc-xit]
- ISSUE-178 (wsc-xit comment section 10.2.2): general comment section 10.2.2 conceptual model (public comment) [wsc-xit]
- ISSUE-177 (wsc-xit comment section 6.5 tls/ssl pt2): general comment section 6.5 tls/ssl pt2 (public comment) [wsc-xit]
- ISSUE-176 (wsc-xit comment section 6.5 tls/ssl): general comment section 6.5 tls/ssl processing (public comment) [wsc-xit]
- ISSUE-175 (wsc-xit comment section 6.5): general comment section 6.5 table and bullet list (public comment) [wsc-xit]
- ISSUE-174 (5.4 wsc-xit comments): review wsc-xit - general comments section 5.4 (public comment) [wsc-xit]
- Fw: A review of Web Security Context's Scope and Use Cases -- Last Call
- RE: Is the padlock a page security score?
Sunday, 13 January 2008
Friday, 11 January 2008
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Meeting record: WSC WG weekly 2007-12-19
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- WSC Open Action Items
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: ACTION-362 OPEN review wsc-xit William Eburn 2008-01-01
- Re: ACTION-361 OPEN review wsc-xit Phillip Hallam-Baker 2008-01-01
- Re: ACTION-343 OPEN Begin examining some of the recommendations, write down the underlying assumptions for success, then list any prior studies that have already examined those assumptions, and possibly how to test the untested assumptions Serge Egelman 2007-12-21 User Studies
- RE: Is the padlock a page security score?
- Re: ACTION-336 OPEN Propose material for ISSUE-106 Stephen Farrell 2007-12-21
- RE: ACTION-214 solicit commentary on Threat Trees from MITRE INFOSEC community Bill Doyle
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
Thursday, 10 January 2008
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Is the padlock a page security score?
- Re: Is the padlock a page security score?
- FW: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- RE: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Re: Is the padlock a page security score?
- Is the padlock a page security score?
Wednesday, 9 January 2008
- Re: ISSUE-161: Be clearer about security indicator images [wsc-xit]
- RE: ISSUE-161: Be clearer about security indicator images [wsc-xit]
- meeting conflict - only available for first 1/2 hour
- Re: May f2f plans - query on joint meeting with CABForum
Tuesday, 8 January 2008
- Re: May f2f plans - query on joint meeting with CABForum
- May f2f plans - query on joint meeting with CABForum
- Re: TLS/SSL robustness - high, medium, low
- RE: TLS/SSL robustness - high, medium, low
- RE: TLS/SSL robustness - high, medium, low
- Re: TLS/SSL robustness - high, medium, low
- RE: TLS/SSL robustness - high, medium, low
- RE: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- RE: TLS/SSL robustness - high, medium, low
- TLS/SSL robustness - high, medium, low
- RE: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- Agenda: WSC WG distributed meeting, Wednesday, 2008-01-09
- RE: ISSUE-161: Be clearer about security indicator images [wsc-xit]
Monday, 7 January 2008
- Re: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- RE: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- Re: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- RE: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- RE: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- Re: ISSUE-170: 6.3 Seems more like extension/experimentation than standardization [wsc-xit]
- Re: ISSUE-167: Should Section 5.3.1 specify normative details for a theoretical technology?
- Re: ISSUE-167: Should Section 5.3.1 specify normative details for a theoretical technology?
- Re: ISSUE-170: 6.3 Seems more like extension/experimentation than standardization [wsc-xit]
- ACTION-353: Convert Mozilla FPWD review notes into issues
- Re: ISSUE-169: Section 5.5.3 creates a burden on browsers to remember past certificates
- ISSUE-173: 8.1.1 Requires user testing for the purposes of conformance [wsc-xit]
- ISSUE-172: 7.9 Normative text assumes a service we don't otherwise mention or expect to exist [wsc-xit]
- ISSUE-171: 7.8 Is unclear about data retention requirements [wsc-xit]
- ISSUE-170: 6.3 Seems more like extension/experimentation than standardization [wsc-xit]
- ISSUE-169: Section 5.5.3 creates a burden on browsers to remember past certificates
- ISSUE-168: Section 5.5.2 might be over-restrictive, especially on first-visit-redirect [wsc-xit]
- ISSUE-167: Should Section 5.3.1 specify normative details for a theoretical technology?
- ISSUE-166: Consider dropping section 5.2 in favour of "standard" matching algo, if appropriate.
Sunday, 6 January 2008
Saturday, 5 January 2008
- Re: ISSUE-161: Be clearer about security indicator images [wsc-xit]
- Re: ISSUE-161: Be clearer about security indicator images [wsc-xit]
Friday, 4 January 2008
- RE: ACTION-340 OPEN Gather data about cost of TLS deployment Phillip Hallam-Baker 2007-12-10
- Re: ISSUE-127: Safe Form Bar: Separate MITM handling? [Techniques]
- WSC Open Action Items
- Re: ACTION-345 OPEN Begin designing lo-fi user study for Browser Lockdown Maritza Johnson 2007-11-30
- Re: ACTION-340 OPEN Gather data about cost of TLS deployment Phillip Hallam-Baker 2007-12-10
Thursday, 3 January 2008
Wednesday, 2 January 2008
- ISSUE-165: Allow for (non default) configuration of notification of first time TLS interaction with a site [wsc-xit]
- ISSUE-164: SSC != CoSL [wsc-xit]
- ISSUE-163: Make (sure) 9.4 is internally consistent [wsc-xit]
- ISSUE-162: Recognize there are other forms of network security [wsc-xit]
- ISSUE-161: Be clearer about security indicator images [wsc-xit]
- ISSUE-160: Remove section 7.9 [wsc-xit]
- ISSUE-159: Merge 7.8 into 8.2 [wsc-xit]
- ISSUE-158: Abstracting and tightening editing of stored history [wsc-xit]
- ISSUE-157: Masking only MUST for passwords [wsc-xit]
- ISSUE-156: Tighten and abstract seleting the text string [wsc-xit]
- ISSUE-155: Remove references to contacts option [wsc-xit]
- ISSUE-154: Provide unique labels for each message and use them consistently as references [wsc-xit]
- ISSUE-153: Tie SWFE to secondary SCI [wsc-xit]
- ISSUE-152: Clarify the point of "distinguishing" between static and other text in messages [wsc-xit]
- ISSUE-151: Make "similar" clearer (in choosing petnames) [wsc-xit]
- ISSUE-150: Abstract how user navigates to a site for establishing a new relationship
- ISSUE-149: Condense 7.2 to its first normative directive only [wsc-xit]
- ISSUE-148: Downgrade ability to update an organization's name and address to SHOULD [wsc-xit]
- ISSUE-147: Descriptions of certificate matching rules in SWFE need explanations somewhere [wsc-xit]
- ISSUE-146: 7.1 to reference where xit talks about how identity is presented [wsc-xit]
- Re: ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]
- Re: ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]
- Re: ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]
- Re: wsc-xit review
- Re: ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]
- Re: wsc-usecases comments Re: Comments on draft documents posted to the WSC wiki
- Re: wsc-xit review
- Re: ISSUE-142: Page Security Score does not yet have enough content behind it [wsc-xit]
- Re: ISSUE-131 (Code outside browser): Executing code outside of browser in 8.3.2.3 is vague / scary [All]
- Re: usecases comments Re: Comments on draft documents posted to the WSC wiki
- Re: usecases comments Re: Comments on draft documents posted to the WSC wiki
- Re: usecases comments Re: Comments on draft documents posted to the WSC wiki