- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Fri, 11 Jan 2008 09:08:51 -0500
- To: "Mike Beltzner <beltzner" <beltzner@mozilla.com>
- Cc: public-wsc-wg@w3.org
Received on Friday, 11 January 2008 14:09:03 UTC
Great conversation, all the way around. I particularly appreciate those posts that, while taking a strong stance, also try to explore other points of view, how their stance relates to it, and what might be some sort of reasonable middle ground. Kudos to all of you! > Where the number *would* come in handy is when they're used to > seeing a "72" for their bank or online shopping site, but all of a > sudden they see a "38". It's the change in the security values that > become interesting. At that point, though, why would we require that > the user remember that theirshoppingsite.com is usually a 72, but > all of a sudden became a 36. Why would we not, instead, just alert > them to the fact that there's something suspicious, and they > shouldn't use the site at this time (with links to more detail for > those who wish to know what tipped us off). That would tie into the Change of Security Level (or CoSL as I started to call it in my review comments) in xit. As I think does some of the discussion of warnings on top of passive indicators (although as my review comments indicated, it was hard to find the part of CoSL where that was specified, and should be made clearer).
Received on Friday, 11 January 2008 14:09:03 UTC