Re: New Input type proposal

On Jan 14, 2008 6:27 AM, Geoffrey Sneddon <> wrote:

> On 11 Jan 2008, at 09:32, Preston L. Bannister wrote:
> > Folks, you are re-inventing the wheel, and repeating classic mistakes.
> The problem is all existing solutions have minor issues, see below:
> > There is a lack. It is (or should be) possible to do secure logins
> > across
> > unencrypted channels. What is needed is access to an encryption
> > library from
> > Javascript. That would be outside to scope of the HTML specification.
> ECMAScript cannot be the solution, for what is the purpose of
> encrypting data from some UAs (those that support ECMAScript) and not
> from those that don't? It creates additional complexity on the server
> having to determine whether a field is encrypted or not (though, with
> BC concerns, this would need to be done anyway). If we want to encrypt
> data, it should be from all HTML 5 UAs, and not just the subset
> thereof that support ECMAScript.

Is a UA that does not support Javascript viable?  I suspect the answer is

Received on Wednesday, 16 January 2008 06:17:24 UTC