- From: Afternoon <afternoon@uk2.net>
- Date: Tue, 21 Sep 2004 12:31:37 +0100
You mentioning signing of applets in your reply to Matthew Raymond in this thread. Has anybody considered signing web applications so that they can perform restricted tasks? Or is this a silly idea? Ben On 21 Sep 2004, at 5:34, Matthew Thomas wrote: > On 21 Sep, 2004, at 2:23 PM, Afternoon wrote: >> ... >> it is also in the user's interest for the interface to be >> straightforward and not to add confusion by duplicating controls. > > Sure, but that's not quite as important as protecting people from > having their passwords stolen. > >> In addition, the functions performed by certain controls may be >> totally inappropriate to the current application stage, for example >> the refresh control becomes a dangerous liability just after a user >> has submitted their credit card details and placed an order. > > Protecting people from such duplicate submissions can be, and is, > handled by UAs. > >> An application should have the flexibility to provide users with the >> controls they need to operate that application, no more, no less. >> ... > > If all Web authors were trustworthy, that would be possible. > > -- > Matthew Thomas > http://mpt.net.nz/ > > ((Ben Godfrey) (Software) (see "http://www.cohack.com/"))
Received on Tuesday, 21 September 2004 04:31:37 UTC