W3C home > Mailing lists > Public > public-wsc-wg@w3.org > January 2008

ACTION-374 - proposed re-written text for 6.3, Page Security Score

From: Timothy Hahn <hahnt@us.ibm.com>
Date: Wed, 23 Jan 2008 10:08:33 -0500
To: public-wsc-wg@w3.org
Message-ID: <OFE66F7E8F.2BB71D93-ON852573D9.0050788D-852573D9.00532917@us.ibm.com>
Hi all,

>From last week's meeting (16 January 2008) I took an action to propose 
re-written text for the "Page Security Score" section.

>From the latest wsc-xit draft, the current text reads:

--- Start ---
6.3 Page Security Score
See also: ISSUE-129
Please refer to the following entries in the Working Group's Wiki for 
relevant background information: RecommendationDisplayProposals/PageScore
The user agent MUST reduce the state of all security context information 
made available to a single value. A partial order MUST be defined on the 
set of possible values.
The user agent MUST make the security context information value available 
to the end user, in either primary or secondary chrome.
The user agent MUST make the formula by which the value is calculated 
available to the end user. Documentation of the user agent is the 
likeliest place.
The form of the indicator of this value will depend on the user agent and 
end user abilities. The user agent SHOULD provide a a primary chrome 
indicator
--- End ---
Here is my proposed re-written text:
--- Start ---
6.3 Page Security Score
See also: ISSUE-129
Please refer to the following entries in the Working Group's Wiki for 
relevant background information: RecommendationDisplayProposals/PageScore
The user agent SHOULD provide a means of reducing the collection of 
security context information which is available for any loaded page to a 
numeric value (termed a "security confidence estimate").
The calculation algorithm for the "security confidence estimate" MAY be 
made selectable by the end user or offered by separately installed user 
agent plug-ins.
The user agent SHOULD provide a visual indicator in primary chrome which 
varies relative to the "security confidence estimate" value.  Examples of 
such visual indicators (non-normative) are gauges, thermometers, a 
selection of several textual descriptions, and color-gradations.
The visual indicator SHOULD be especially conspicuous in display when the 
"security confidence estimate" value is different than the value which was 
observed for the loaded page in previous visits to the loaded page.
The user agent MAY elect to display a visual indicator in primary chrome 
only when a change in "security confidence estimate" values is observed.
The user agent MUST make the details of all available security context 
information available to the end user, in either primary or secondary 
chrome.
If a "security confidence estimate" is provided, the provider of the 
implementation MUST make the calculation algorithm by which the "security 
confidence estimate" value is calculated available to the end user. 
Documentation for the user agent or plug-in which is employed is the 
likeliest place.
The visual realization of the "security confidence estimate" value will 
depend on the user agent and end user abilities.
--- End ---

Tim Hahn
IBM Distinguished Engineer

Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Durham/IBM@IBMUS
phone: 919.224.1565     tie-line: 8/687.1565
fax: 919.224.2530


Received on Wednesday, 23 January 2008 15:09:03 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:14:20 UTC