Re: Figuring out Why Standards are there.
On (22/05/06 11:38), Greg Folkert wrote:
> On Mon, 2006-05-22 at 03:32 -0700, formless void wrote:
> > I finally found that W3C has got
> >
> > User Agent Accessibility Guidelines at
> >
> > http://www.w3.org/TR/WAI-USERAGENT/
> >
> > Now my question is how authenticative W3C is?
>
> What do you mean by "authenticative"? Do you mean au?thor?i?ta?tive?
>
> au?thor?i?ta?tive
> adjective
> 1. Having or arising from authority; official: an
> authoritative decree; authoritative sources.
> 2. Of acknowledged accuracy or excellence; highly reliable:
> an authoritative account of the revolution.
> 3. Wielding authority; commanding: the captain's
> authoritative manner.
>
> If that is what you meant, then my answer is, W3C *is the authority* on
> the subject of the useragent. But being the authority on any subject
> doesn't mean anyone pays attention to you or your organization. It is
> voluntary compliance.
>
> > Why am I asking this? Because, setting up a standard is one thing and
> > getting vendors to implement is another.
>
> See Voluntary Compliance.
>
> > It seems to me that the standard has been there for 4 years and no
> > browser has implemented it so far, as I can find no where within the
> > major browsers (such as IE, Netscape or Firefox) saying that the
> > accessibility of the browser is w3c compliant.
>
> Have you even looked at Firefox's Mozilla website?
>
> http://www.mozilla.com/firefox/
>
> Accessibility
> Firefox 1.5 delivers easier navigation for everyone,
> including those who are visually or motor-impaired.
> Firefox is the first browser to support DHTML
> accessibility, which, when enabled by Web authors,
> allows rich Web applications to be read aloud. Users may
> navigate with keystrokes rather than mouse clicks,
> reducing the tabbing required to navigate documents such
> as spreadsheets. Firefox 1.5 (Windows version) is also
> the first browser to meet US Federal Government
> Requirements (http://www.mozilla.com/firefox/vpat.html)
> that software be easily accessible to users with
> physical impairments.
>
>
> > Another issue concerns me is that the w3c guideline only addresses the
> > accessibility issue and not enough on User Agent security - Section
> > 1.5 only. Where I can find security standards of the web browser?
>
> http://www.w3.org/TR/2002/REC-UAAG10-20021217/guidelines.html#tech-ui-access-api
>
> 1. For security reasons, user agents are not required to allow
> instructions in content to modify user agent user interface
> controls.
>
> Also Note, that this is a guideline. (guidelines.html) which mean it is
> intended to steer, not define the APIs used in security considerations.
>
> Also note that, you can program in a 100% sandbox environment and still
> produce insecure code. It is a matter of understanding the implications
> of your code and programming for security from the get go. Most software
> in general that started as a "pet project" did not start with the proper
> footing in secure programming.
>
> When I say secure, I don't mean secure like Bank Vault Secure, but
> secure as in "Does what it is supposed to with out allowing stack
> overruns or improper handling of types to allow leaks, etc..."
>
> So, if *YOU* need a secure implementation of a Browser with User Ageent
> Security Cranked way up... well, I suggest you start with a clean sheet,
> any of the existing code bases you have to work with in the way of
> web-browsers are far to buggy for them to be fixed, without a 100%
> re-factoring, linting, unit-testing with peer-review re-do. That ain't
> gonna happen unless YOU do it.
>
> > It is perfectly fine, if the vendors are unable to achieve the
> > security of the browser at the same time with the accessibility, and
> > rely on the third party software to make compliment it.
>
> No, the core of the browser needs to implement good programming methods
> to not allow the exploits like IE has in it.
>
> > But the standard level has to be differentiated and indicated clearly
> > either using logo or code, what ever.
>
> The sheeple (sheeple == average US citizen that complains about politics
> but does nothing to improve the situation ala voting or writing) of
> windows users don't care about that. All they want is blinky lights and
> toolbars that work with the "game-site" or "porn-site" of choice.
>
> Do like Microsoft has, find an imperfection in the finish, layer some
> bondo on it... prime it then try to match the color around the problem
> so nobody notices. If that doesn't work, repaint the whole-thing again
> adding a few more blinky lights, maybe a few "Pimped" things like DRM
> and TCE... and re-release it as the next completely redesigned version.
> (WindowsXP ala Windows Vista) All without even addressing Standards
> other than the proprietary ones they have created.
> --
> greg, greg@gregfolkert.net
>
> The technology that is
> Stronger, Better, Faster: Linux
>
> Use Debian GNU/Linux, its a bazaar thing
>
> NOTICE: Due to Presidential Executive Orders, the
> National Security Agency may have read this email
> without warning, warrant, or notice, and certainly
> without probable cause. They may do this without
> any judicial or legislative oversight. You have no
> recourse nor protection.
Great answer!
Regards
Clive
--
www.clivemenzies.co.uk ...
...strategies for business
Reply to: