W3C home > Mailing lists > Public > www-html@w3.org > November 2002

Re: Idea for securityfix in HTML

From: Shawn K. Quinn <skquinn@speakeasy.net>
Date: Fri, 15 Nov 2002 17:08:03 -0600
To: "Xatr0z" <xatr0z@users.sourceforge.net>, "Xatr0z" <xatr0z@home.nl>, <www-html@w3.org>
Message-Id: <200211151708.05044.skquinn@speakeasy.net> 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday November 15 2002 16:04, Xatr0z wrote:
> Hello,
>
> We have got an idea for an securityfix in HTML. When people send
> sensitive information with HTML forms, this information can be read.
> This is very insecure,
> just like the FTP protocol sends passwords without encryption. This
> is also the reason that a lot of WWWebsites are using https://
> instead of http://.

This is why we have SSL-enabled http (https), and I see no reason why 
your proposal would be useful at all. If you want security, use SSL.

- -- 
Shawn K. Quinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE91X5UQVXDBVmaIp0RAlBfAKDFukUDkJmUFQ4eZd7pyhWlPdWdzgCgnm3R
6AIIIXNa5kp9qRgTUbqkwdc=
=TgqU
-----END PGP SIGNATURE-----
Received on Saturday, 16 November 2002 20:52:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:49:29 GMT