- From: John J. Barton <John_Barton@hpl.hp.com>
- Date: Mon, 26 Mar 2001 10:38:55 -0800
- To: Berin Loritsch <bloritsch@apache.org>, XForms Mailing List <www-forms@w3.org>
At 09:36 AM 3/26/2001 -0500, Berin Loritsch wrote:
<snip>
>I really don't think that transport issues such as encryption
>should be an embeddable part of the XForms spec.
While I agree that transport issues should not be part of
the spec., there are at least 2 ways that I think security has
to handled directly by XFORMs:
1) Passwords. Some data like passwords must have security
handling during entry ("***") and before submission (if data is
entered in to a DOM).
2) Signatures. A digital signature is another kind of data
the user agent needs to add into a form.
Of course my opinion begins with the idea that XFORMs describes
how data will be collected by a user agent and sent into the pipe
to a service. Thus a digital signature should be an natural part
of XFORMs processing. Maybe that isn't quite everyone's viewpoint.
I'll be working to convince you ;-).
John.
______________________________________________________
John J. Barton email: John_Barton@hpl.hp.com
http://www.hpl.hp.com/personal/John_Barton/index.htm
MS 1U-17 Hewlett-Packard Labs
1501 Page Mill Road phone: (650)-236-2888
Palo Alto CA 94304-1126 FAX: (650)-857-5100
Received on Monday, 26 March 2001 13:38:48 UTC