This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Summit 2011 Working Sessions/Session004"
From OWASP
Sarah Baso (talk | contribs) |
Sarah Baso (talk | contribs) |
||
Line 131: | Line 131: | ||
| summit_session_objective_name1= Clearly there is a need for warnings that users understand and that conveys the right information. Perhaps we can agree on some guidelines or at least exchange lessons learned. | | summit_session_objective_name1= Clearly there is a need for warnings that users understand and that conveys the right information. Perhaps we can agree on some guidelines or at least exchange lessons learned. | ||
− | | summit_session_objective_name2= How should browsers signal invalid SSL certs to the enduser? <noinclude>Are we helping security right now? What to do about 50 % of users clicking through warnings? Mozilla replaces the padlock with a [https://support.mozilla.com/en-US/kb/Site%20Identity%20Button site identity button] i Firefox 4. "Larry" will inform the user of the site's status. Google recently tried out a skull & bones icon for bad certs but moved back to [http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95617 padlocks] again.<noinclude> | + | | summit_session_objective_name2= How should browsers signal invalid SSL certs to the enduser? <noinclude>Are we helping security right now? What to do about 50 % of users clicking through warnings? Mozilla replaces the padlock with a [https://support.mozilla.com/en-US/kb/Site%20Identity%20Button site identity button] i Firefox 4. "Larry" will inform the user of the site's status. Google recently tried out a skull & bones icon for bad certs but moved back to [http://www.google.com/support/chrome/bin/answer.py?hl=en&answer=95617 padlocks] again.</noinclude> |
| summit_session_objective_name3= How should browsers communicate other kinds of information such as privacy, malware warnings, "not visited before" etc? <noinclude>Forbes had an interesting example of [http://blogs.forbes.com/kashmirhill/2011/01/05/visualizing-better-privacy-policies/?boxes=Homepagechannels how to visualize privacy].</noinclude> | | summit_session_objective_name3= How should browsers communicate other kinds of information such as privacy, malware warnings, "not visited before" etc? <noinclude>Forbes had an interesting example of [http://blogs.forbes.com/kashmirhill/2011/01/05/visualizing-better-privacy-policies/?boxes=Homepagechannels how to visualize privacy].</noinclude> |
Revision as of 02:37, 25 January 2011
Global Summit 2011 Home Page
Global Summit 2011 Tracks
Enduser Warnings | ||||||
---|---|---|---|---|---|---|
Please see/use the 'discussion' page for more details about this Working Session | ||||||
Working Sessions Operational Rules - Please see here the general frame of rules. |
WORKING SESSION IDENTIFICATION | ||||||
---|---|---|---|---|---|---|
Short Work Session Description | | |||||
Related Projects (if any) |
| |||||
Email Contacts & Roles | Chair John Wilander @ |
Operational Manager John Wilander @ |
Mailing list https://groups.google.com/group/owasp-summit-browsersec |
WORKING SESSION SPECIFICS | ||||||
---|---|---|---|---|---|---|
Objectives |
| |||||
Venue/Date&Time/Model | Venue/Room OWASP Global Summit Portugal 2011 |
Date & Time Tuesday, 09 February Time: TBA
|
Discussion Model The working form will most probably be short presentations to frame the topic and then round table discussions. Depending on number of attendees we'll break into groups. |
|
---|
WORKING SESSION OPERATIONAL RESOURCES | ||||||
---|---|---|---|---|---|---|
Projector, whiteboards, markers, Internet connectivity, power |
|
---|
WORKING SESSION ADDITIONAL DETAILS | ||||||
---|---|---|---|---|---|---|
|
WORKING SESSION OUTCOMES / DELIVERABLES | ||
---|---|---|
Proposed by Working Group | Approved by OWASP Board | |
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. | ||
After the Board Meeting - fill in here. |
Working Session Participants
(Add you name by clicking "edit" on the tab on the upper left side of this page)
WORKING SESSION PARTICIPANTS | ||||||
---|---|---|---|---|---|---|
Name | Company | Notes & reason for participating, issues to be discussed/addressed | ||||
John Wilander @ |
|
| ||||
Michael Coates |
| |||||
Colin Watson |
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
| |||||
|
|
</includeonly>