Re: Automatic Entry and Forms

Derek Harding (derek@tpdinc.com)
Tue, 27 Feb 1996 09:21:24 -0800


Message-Id: <2.2.32.19960227172124.006817dc@mail.tpdinc.com>
Date: Tue, 27 Feb 1996 09:21:24 -0800
To: Robert Hazeltine <rhazltin@bacall.nepean.uws.edu.au>
From: Derek Harding <derek@tpdinc.com>
Subject: Re: Automatic Entry and Forms
Cc: Murray Altheim <murray@spyglass.com>, hallam@w3.org, www-html@w3.org,

I'm glad to see the suggestions of probing and the proposal supporting
automatic submission have now been dropped.

At 11:21 AM 26-02-96 +1100, you wrote:
>
>Already there are programs that 'roam' the Internet, and I assume that a 
>particular kind of information would not be difficult to target, right?
>
I'm not clear on the relevance of web robots in this situation. Perhaps you
could clarify.

>Already there are some "interesting" applications like NetWatcher that 
>can be called on by your local friendly sysop.  I do not see much protection 
>of personal information once he/she takes over your session, do you?  
"takes over your session" could you explain this to me? Perhaps I'm being
dim but I do not understand what you're getting at.

>IMHO, the proposal is not only weak but it is also pernicious because a 
>template mechanism does not provide any protection for the individual 
>from unwittingly disclosing personal information, whether or not the 
>information is encrypted or standardised is irrelevant.  As a matter of 
>fact, it simply does not protect.
>
This seems a fair comment to me. Having a recommendation in the propsal that
browsers should ask for confirmation before sending any auto-filled in data
(just as the most popular ones currently do for sending unencrypted data!)
would seem wise.

Derek
---
Derek Harding
Online Production Manager
TPD Publishing Inc.
http://www.tpdinc.com/~derek/