ISSUE-69

New goal--Reduce the number of scenarios in which users\' security depends upon authenticating sites

State:
CLOSED
Product:
wsc-usecases
Raised by:
Stuart Schechter
Opened on:
2007-04-25
Description:
Looking at the goals in Section 2 of the note, I don\'t see how password
managers, which reduce the likelihood that a user will enter a password into
an impersonation site, would fit into our goals. MeZ tells me that she
believes there is a rough consensus that are inline with our goals. Stuart
proposes a new goal between 2.5 and 2.6:

Title: \"Reduce the number of scenarios in which users\' security depends
on their ability to authenticating a site\"
Content: \"No matter how well security information is presented, there
will always be users who, in some situations, will behave insecurely even in
the face of harsh warnings. Thus, the working group will also recommend
ways to reduce the number of situations in which users\' security will be
compromised if they fail to recognize an impersonation attack or other
security failure.\"
Related Actions Items:
No related actions
Related emails:
  1. RE: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from tyler.close@hp.com on 2007-05-21)
  2. Re: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-05-18)
  3. RE: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from dan.schutzer@fstc.org on 2007-05-02)
  4. Re: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from sduffy@aol.net on 2007-05-02)
  5. Re: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-05-02)
  6. Re: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from egelman@cs.cmu.edu on 2007-05-01)
  7. ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from dean+cgi@w3.org on 2007-04-25)
  8. Re: ISSUE-69: New goal--Reduce the number of scenarios in which users\\\' security depends upon authenticating sites (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-04-25)

Related notes:

Updated Note on May 21

21 May 2007, 00:00:00

Display change log ATOM feed


Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org>, Staff Contact
Tracker (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 69.html,v 1.1 2010/10/11 09:35:19 dom Exp $