Re: Automatic Entry and Forms

hallam@zorch.w3.org
Sun, 25 Feb 96 17:30:16 -0500


From: hallam@zorch.w3.org
Message-Id: <9602252230.AA22051@zorch.w3.org>
To: Adam Jack <ajack@corp.micrognosis.com>
Cc: "Daniel W. Connolly" <connolly@beach.w3.org>,
Subject: Re: Automatic Entry and Forms 
In-Reply-To: Your message of "Sun, 25 Feb 96 14:32:14 EST."
             <Pine.SUN.3.91.960225122837.22641A-100000@singhi> 
Date: Sun, 25 Feb 96 17:30:16 -0500

Adam makes two good points:

1) Malicious servers may attempt to trick the user into submitting data
	without their consent
2) Wouldn;t it be easier to have a central registry?

On (1) yesw there is a problem for any automatic forms entry scheme. This could be dealt with in two ways. Either the browser comes up with a dialogue box
and asks (do you want to automatically add in these fields". Alternatively
the automatic fill in protocol might be configured to only operate within
a closed subnet - for forms comming from within a company say.

On 2 there is a very significant problem - cost. Internic alone costs several
million a year to run. It is a centralised pressure point. If the government
wants to control the internet they can do so through Internick. IANA works
very hard to avoid taking on more work.

The idea of using URIs is that there is a namespace whic h has already been
allocated. I would expect most users to have similar needs. Recording
names, addresses, phone numbers and little more. I would expect there to be
a standard for this template to arrise out of the normal market processes.
There is a common set of needs and it is everyones interests to work in the
same framework. 

There is a world of difference between a system in which it is in peoples
interests to abide by a common standard and one where one is rammed down
peoples throats. I don;t think that either the IETF or the W3C is very 
interested in holding the sort of discussions which would be necessary
to arrive at a common template. I think we should leave this tyoe of work
to ISO. I also think we need to write ourselves a bolt hole into any spec 
so that we are not beholden to some other party.

There is also a deeper philosophical issue here. The Web works because it
is decentralised and has no central registry. If all new web servers had
had to register with CERN before they started we would have been as
unsuccessfull as Hyper-G. Hyper-G had far nicer client software but the
setting up of a server required a lot of committment from any institution.

I see this as an area where we can win most by staying aloof from the fray.
Someone somewhere will produce a very comprehensive set of field templates
and people will want to use them. I prefer to offload that type of work onto
people who have time and possibly expertise.

		Phill