- From: Thomas Roessler <tlr@w3.org>
- Date: Sun, 15 Jun 2008 12:44:13 +0200
- To: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Cc: public-wsc-wg@w3.org
On 2008-06-13 08:57:02 -0400, Mary Ellen Zurko wrote: > I've tweaked it a bit. Comments and suggestions welcome: Looks good to me. > > This specification deals with the trust decisions that users must make > online, and with ways that user agents support them in making safe and > informed decisions where possible. > In order to achieve that goal, this specification includes recommendations > on the presentation of identity information and other security context > information by Web user agents. We also include recommendations on > handling errors in security protocols. The error handling recommendations > both minimize the trust decisions left to users, and represent known best > practice in inducing users toward safe behavior where they have to make > these decisions. To complement the interaction and decision related parts > of this specification, 7 Robustness addresses the question of how the > communication of context information needed to make decisions can be made > more robust against attacks. > This document specifies user interactions with a goal toward making > security usable, based on known best practice in this area. Subsequent > testing of this specification will include conformance, interoperability, > and usability teting. I wonder if the testing related sentence here isn't most appropriately put into the Status of This Document section. > This specification comes with two companion documents: [WSC-USECASES] > documents the use cases and assumptions that underly this specification. > [WSC-THREATS] documents the Working Group's threat analysis. > -- Thomas Roessler, W3C <tlr@w3.org>
Received on Sunday, 15 June 2008 12:28:20 UTC