- From: イアンフェッティ <ifette@google.com>
- Date: Fri, 23 Apr 2010 15:45:21 -0700
- To: Mary Ellen Zurko <mzurko@us.ibm.com>
- Cc: public-wsc-wg@w3.org
- Message-ID: <s2kbbeaa26f1004231545x6e0e707ao7310953c08d7299b@mail.gmail.com>
Let him formally object. It's not going to change what any of the browsers do. Am 23. April 2010 15:30 schrieb Mary Ellen Zurko <mzurko@us.ibm.com>: > fyi. We seem to have a philosophical divide on this question (at least that > is my first reaction). It seems that existing web architecture documents do > not address the topic of user interface and user understanding implications > at all (perhaps someone can correct me on that). This seems to be in part > what the new web science notion is about; build an understanding of humans > into the overall model. It's not clear to me that we actually have an > architecture today that maps to the architectural model of AWWW > (Architecture of the World Wide Web), as I don't know where the security > characteristics otherwise are or would be. So a spec that articulates > current best practice would of necessity be at odds with a model that was > not fully realized. > > It's always hard to know which items one should "go to the mat" on. > > Mez > > > ----- Forwarded by Mary Ellen Zurko/Westford/IBM on 04/23/2010 06:16 PM > ----- > > From: Krzysztof Maczyński <1981km@gmail.com> > To: <mzurko@us.ibm.com> > Cc: <public-usable-authentication@w3.org> > Date: 04/23/2010 10:12 AM > Subject: Re: Don't favour https ( LC-2382) > Sent by: public-usable-authentication-request@w3.org > ------------------------------ > > > > > It would be confusing to > > users to see an indication of TLS security, such as augmented assurance > > (such as with EV) certificates, and an http: URI. > This is based on a misunderstanding about URIs. They identify resources, > not characteristics of access to those resources (such as security). AWWW > and other documents are clear on this. Existing confusion in some users > should be rectified, not entrenched, lest I formally object. My request that > the spec doesn't go for the latter (specifically, removing "an https URL was > used" from the definition would resolve the issue) still stands. > > Best regards, > > Krzysztof Maczyński > Invited Expert, HTML WG > > >
Received on Friday, 23 April 2010 22:45:51 UTC