ISSUE-28: Requirement for NO security prompting

noModalPrompt

Requirement for NO security prompting

State:
CLOSED
Product:
Policy Framework Requirements
Raised by:
Frederick Hirsch
Opened on:
2009-10-06
Description:
A number of workshop position papers noted that prompting the user for permission when making security decisions can be harmful, especially when repeated often.

Do we have a requirement for no user security prompting, or perhaps only allow user-configuration and then no prompting?

Proposal: Add policy Requirement: User agents MUST NOT present modal dialogs to prompt users for security decisions no user prompting for security decisions
Add policy Requirements: Users SHOULD have control over general configuration of security decisions

Rationale is in 2.1 of the OMTP position paper [1], the Mozilla position paper [2], Johnson/Bellovin [3]

[1] http://www.w3.org/2008/security-ws/papers/OMTP_Security_Position_Paper.pdf

[2] http://www.w3.org/2008/security-ws/papers/mozilla.html

[3] http://www.w3.org/2008/security-ws/papers/security_assurance_webapi.pdf

Related Actions Items:
Related emails:
  1. Proposed updates to Pending and Raised ISSUES, suggest 'API Requirements and Design Decisions' document (from Frederick.Hirsch@nokia.com on 2011-01-04)
  2. Re: Agenda - Distributed Meeting 2010-06-16 (from jmorris@cdt.org on 2010-06-16)
  3. Agenda - Distributed Meeting 2010-06-16 (from Frederick.Hirsch@nokia.com on 2010-06-16)
  4. Re: Agenda - Distributed Meeting 2010-06-16 (from enewland@cdt.org on 2010-06-15)
  5. Re: Draft minutes 2010-06-09 (from Frederick.Hirsch@nokia.com on 2010-06-10)
  6. Draft minutes 2010-06-09 (from robin@robineko.com on 2010-06-09)
  7. Re: Modal prompts vs notifications (was: Agenda - Distributed Meeting 2010-06-02) (from jsalsman@talknicer.com on 2010-06-09)
  8. Re: Agenda - Distributed Meeting 2010-06-02 (from jsalsman@talknicer.com on 2010-06-09)
  9. Re: Agenda - Distributed Meeting 2010-06-02 (from dom@w3.org on 2010-06-09)
  10. Re: Agenda - Distributed Meeting 2010-06-02 (from jsalsman@talknicer.com on 2010-06-09)
  11. Re: Agenda - Distributed Meeting 2010-06-02 (from dom@w3.org on 2010-06-09)
  12. Open Actions - please review and complete actions before F2F (from frederick.hirsch@nokia.com on 2010-03-02)
  13. Agenda: Distributed Meeting 2009-10-28 (from frederick.hirsch@nokia.com on 2009-10-27)
  14. corrected draft minutes 2009-10-21 for approval (v2) (from frederick.hirsch@nokia.com on 2009-10-21)
  15. Draft minutes 2009-10-21 (from frederick.hirsch@nokia.com on 2009-10-21)
  16. RE: Agenda - Distributed Meeting 2009-10-21, v2 (from david.rogers@omtp.org on 2009-10-21)
  17. Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General] (from frederick.hirsch@nokia.com on 2009-10-21)
  18. Agenda - Distributed Meeting 2009-10-21, v2 (from frederick.hirsch@nokia.com on 2009-10-21)
  19. Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General] (from paddy.byers@gmail.com on 2009-10-21)
  20. Agenda - Distributed Meeting 2009-10-21 (from frederick.hirsch@nokia.com on 2009-10-20)
  21. Agenda - Distributed Meeting 2009-10-14 (from robin@robineko.com on 2009-10-13)
  22. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from ian@hixie.ch on 2009-10-09)
  23. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from richard.tibbett@orange-ftgroup.com on 2009-10-09)
  24. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from ian@hixie.ch on 2009-10-09)
  25. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from richard.tibbett@orange-ftgroup.com on 2009-10-08)
  26. Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework < General] (from tlr@w3.org on 2009-10-07)
  27. Draft minutes 2009-10-07 (from frederick.hirsch@nokia.com on 2009-10-07)
  28. Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework < General] (from Jere.Kapyaho@nokia.com on 2009-10-07)
  29. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from Marcin.Hanclik@access-company.com on 2009-10-07)
  30. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework - General] (from Marcin.Hanclik@access-company.com on 2009-10-07)
  31. Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General] (from frederick.hirsch@nokia.com on 2009-10-07)
  32. RE: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General] (from Marcin.Hanclik@access-company.com on 2009-10-06)
  33. Agenda - Distributed Meeting 2009-10-07 (from frederick.hirsch@nokia.com on 2009-10-06)
  34. ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General] (from sysbot+tracker@w3.org on 2009-10-06)

Related notes:

There seem to be consensus on avoiding modal prompts, and this is reflected in the current policy-reqs draft: http://dev.w3.org/2009/dap/policy-reqs/#user-control-over-decisions

Propose to close

Dominique Hazaël-Massieux, 2 Mar 2010, 14:31:09

References [1] and [3] seem to be diametrically opposed on the question of prompts, and reference [2] cites a very obscure example from an organization which uses prompts for installation of downloaded extension and plug-in software.

For example, [3] states, "The user must explicitly authorize any and all accesses to devices.... a two-page sequence is necessary before [device access] can take place: a first page to check the permissions; it will either go on to the next page automatically, or it will display an error message telling the user to correct permissions."

How was the idea that there is a consensus there arrived at?

James Salsman, 9 Jun 2010, 13:36:05

Display change log ATOM feed

Anssi Kostiainen <anssi.kostiainen@intel.com>, Reilly Grant <reillyg@google.com>, Chairs, Fuqiao Xue <xfq@w3.org>, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 28.html,v 1.1 2019/11/08 08:58:36 carcone Exp $