W3C Wants Better Browser Security
The web’s governing body is launching an initiative today that it hopes will make web browsers safer to use. The purpose of the Secure Browsing Initiative is to encourage browser developers to enhance their products so that they communicate more clearly with users about what security concerns arise from each page they visit.
"When I’m browsing the Web, I want my browser to help me understand who really is the owner of a Web page," W3C director Tim Berners-Lee says in the press release. "There is much deployed and proven security technology, but we now need to connect it all the way through to the Web user. A Web browser acts on my behalf as I surf the Web, and I need more help from it to avoid being spoofed."
The W3C’s goal for this initiative — which will be overseen by the new Web Security Context Working Group — can be summarized by its two major aims: to make users more aware of security issues within the browser and to make browsers more resistant to vulnerabilities like spoofing and phishing. The consortium knows that simply adding bells and whistles or "This Page Is Not Secure" warnings isn’t enough. It’s also looking into developing standards for new protocols, more secure web forms and more security-conscious user interfaces for sites where secure exchanges take place.
The initiative was launched as a result of the Workshop on Transparency and Usability of Web Authentication that was held earlier this year.
