Re: New editor's draft shuffles sections.

On 2008-03-28 11:10:29 -0400, Mary Ellen Zurko wrote:

> RFC 2119-o?
> "For visual user agents, in usage modes in which browser chrome is used to 
> signal security context information, that chrome should always be visible 
> during interactions with Web content."
> For visual user agents, in usage modes in which browser chrome is used to 
> signal security context information, that chrome SHOULD always be visible 
> during interactions with Web content.
> 
> Did you want to RFC 2119 this one too?
> "This requirement is scoped to a specific interaction: When multiple Web 
> pages might be displayed, security critical chrome need not be present for 
> those with which the user is not currently interacting. However, chrome 
> used to communicate security context information that relates to the 
> currently interacted Web page must always remain on the screen."
> This requirement is scoped to a specific interaction: When multiple Web 
> pages might be displayed, security critical chrome MAY NOT be present for 
> those with which the user is not currently interacting. However, chrome 
> used to communicate security context information that relates to the 
> currently interacted Web page MUST always remain on the screen.
> 

We don't have a coherent conformance model for that part, at all,
which should probably be an open issue against it.  Till then,
detailed discussions about SHOULD, MUST, and the like are pretty much
futile.

> What are the reasons these are SHOULD's instead of MUSTs? Anyone know/got 
> an opinion? 

I suspect that that refers to the following text?

> Web user agents SHOULD restrict window sizing and moving
> operations consistent with 7.1.2 Keep Security Chrome Visible.
> This prevents attacks wherein browser chrome is obscured by
> moving it off the edges of the visible screen. Web user agents
> SHOULD NOT allow web content to open new windows with the 
> browser's security UI hidden. Allowing this operation facilitates
> picture-in-picture attacks, where artificial chrome (usually
> indicating a positive security state) is supplied by the web
> content in place of the hidden UI.

No particular preference on my side.

> Missing ref to 6.4.3:
> "Web user agents MUST NOT expose programmatic interfaces that allow 
> bookmarking without explicit user consent. That consent MUST follow the 
> requirements from ."

oops, fixed

> If we don't have an issue to track this ambiguity, we need one:
> "With visual user interfaces that use a windowed interaction paradigm, Web 
> user agents [[MAY | SHOULD]] restrict the opening of pop-up windows from 
> web content, "
> SHOULD is my vote

+1

-- 
Thomas Roessler, W3C  <tlr@w3.org>
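As an added illustration that is not part of this thread or of the WSC draft text it discusses: the two quoted requirements (restrict window sizing/moving so chrome stays visible, and do not open new windows with the security UI hidden) can be expressed as a small policy a user agent applies to a window.open() request before creating the window. The feature-string syntax follows the HTML window.open() convention; which features count as "security UI" (here `location` and `toolbar`) and the screen size passed in are assumptions made for this example.

```javascript
// Added example, not code from the WSC draft or the mailing-list thread.
// A toy user-agent policy that applies the two quoted requirements to a
// window.open() request before a window is created:
//   1. the window rectangle is clamped to the screen so that chrome cannot be
//      moved or sized off the visible edges;
//   2. a new window is never opened with the browser's security UI hidden.
// Feature-string syntax (comma-separated name=value, yes/no/1/0) follows the
// HTML window.open() convention; which features count as "security UI" and
// the screen geometry are assumptions made for this example.

// Assumption: the location bar and toolbar are where this UA shows security context.
const SECURITY_UI_FEATURES = ["location", "toolbar"];

// Parse "width=300,height=200,location=no" into { width: "300", height: "200", location: "no" }.
function parseFeatures(features) {
  const parsed = {};
  for (const part of String(features || "").split(",")) {
    const eq = part.indexOf("=");
    const name = (eq < 0 ? part : part.slice(0, eq)).trim().toLowerCase();
    const value = eq < 0 ? "" : part.slice(eq + 1).trim().toLowerCase();
    if (name) parsed[name] = value;
  }
  return parsed;
}

// A bare name, "yes", "true" or a non-zero number enable a feature; anything else disables it.
function featureEnabled(value) {
  if (value === "" || value === "yes" || value === "true") return true;
  const n = Number.parseInt(value, 10);
  return Number.isFinite(n) && n !== 0;
}

function clamp(n, lo, hi) {
  return Math.min(Math.max(n, lo), hi);
}

// Returns the features the UA will actually honour plus a record of what it
// overrode, so the decision can be logged or surfaced to the user.
function applyChromePolicy(features, screen) {
  const f = parseFeatures(features);
  const forcedVisible = [];

  // Requirement 2: never open a window with the security UI hidden. A non-empty
  // feature string hides unlisted bars by default, so set them explicitly.
  for (const name of SECURITY_UI_FEATURES) {
    if (!(name in f) || !featureEnabled(f[name])) {
      if (name in f) forcedVisible.push(name); // content asked to hide it
      f[name] = "yes";
    }
  }

  // Requirement 1: keep chrome on screen by clamping size and position.
  const num = (k, fallback) =>
    (k in f && Number.isFinite(Number(f[k])) ? Number(f[k]) : fallback);
  const width = clamp(num("width", screen.width), 1, screen.width);
  const height = clamp(num("height", screen.height), 1, screen.height);
  const left = clamp(num("left", 0), 0, screen.width - width);
  const top = clamp(num("top", 0), 0, screen.height - height);
  const clamped = width !== num("width", width) || height !== num("height", height) ||
                  left !== num("left", left) || top !== num("top", top);
  Object.assign(f, { width: String(width), height: String(height),
                     left: String(left), top: String(top) });

  return { features: f, forcedVisible, clamped };
}

// Usage with a constructed request: content asks for a popup with no location
// bar, positioned well off-screen. Both requests are overridden.
const decision = applyChromePolicy(
  "width=400,height=300,location=no,left=-5000,top=-5000",
  { width: 1280, height: 800 } // assumed screen geometry
);
console.log(JSON.stringify(decision));
```

The policy reports what it overrode (`forcedVisible`, `clamped`) rather than silently rewriting the request, which is what a user agent would want if it logs or displays such interventions.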

Received on Friday, 28 March 2008 15:18:36 UTC