W3C home > Mailing lists > Public > www-html@w3.org > February 1996

Re: Automatic Entry and Forms

From: Scott E. Preece <preece@predator.urbana.mcd.mot.com>
Date: Mon, 26 Feb 1996 09:21:25 -0600
Message-Id: <199602261521.JAA08357@predator.urbana.mcd.mot.com>
To: ajack@corp.micrognosis.com
Cc: connolly@beach.w3.org, murray@spyglass.com, rhazltin@bacall.nepean.uws.edu.au, hallam@w3.org, www-html@w3.org
   From: Adam Jack <ajack@corp.micrognosis.com>
|   I believe that unless we have a user authorize each item of data on
|   a per URL basis, if only once per data item, then we will be opening
|   a large privacy leak -- however unitentionally.

I guess I'd like to see the browser associate a privilege level with
each datum it caches.  Authorization would not be required for data the
user indicated to require no privilege.  For my own use, this would
include everything I have ever filled in in a form (I haven't used a
credit card number with a form, yet).  I guess I would then add an ACL
mechanism to grant specific privilages to specific domains.

Sending privileged data to an unprivileged site would require a specific
prompt and verification.

|   > 
|   > Ack! Good heavens, no! Phil's idea to use URIs to name templates
|   > disintermediates so nicely. No need for a central registry.
|   >
|   I think the Ack is a little strong -- and, myself not having a soln
|   other than I have expressed before w/ the learning browser, I am
|   beginning to see this as close to optimal. 

The template mechanism appears to allow you to have a distributed,
self-managing registry of names.  It looks pretty sensible to me.  You
could handle the core standard names by using the defining IETF document
as the template.

|   I am no expert on naming schemes however I wonder whether a group (URI) 
|   plus tag (field name) mechanism is as good as the more typical 
|   XXXX.YYYY.ZZZZ hierarchy. Surely, as was suggested in an earlier 
|   thread, the style sheet value mechanism might present a more functional 
|   model. (E.g. we could then consider functionality like allowing
|   information XXXX.YYYY.* to site AAAAA but not site BBBBB. We could
|   also consider user group (organisation) defaults not just user
|   defaults.)

I suggested an access control mechanism above.  At any rate, the access
control mechanism has to be in the browser and the field value cache,
not in the naming mechanism.  The user's level of concern about each
value has to be controlled on the user's side, not implied by the name
of the field or its defining agency.

|   As well as privacy issues we have to remember the practical issues.
|   The form author needs to track down the correct field name to use
|   when they create the form.  If the "template" mechanism were in place, 
|   with no registry, this task might be prohibitive. The theoretical benefits 
|   of flexibility could easily be outweighed.

Again, I think the "core" names would migrate up to one, or a few,
defining standard templates, and most other names would be on a single
form or single site basis, so I don't think naming would really be that

|   I do not believe that any mechanism will solve all requirements in this
|   area. Given that -- I would prefer to see a situation were a few hundred
|   fields were centrally maintained, and universally recognized, than have
|   a fragmented system like that of the "templates". 

I concur with the wish to see that core set of standardized names, but I
think the "template" mechanism is a very attractive way of managing the
standard set.


scott preece
motorola/mcg urbana design center	1101 e. university, urbana, il   61801
phone:	217-384-8589			  fax:	217-384-8550
internet mail:	preece@urbana.mcd.mot.com
Received on Monday, 26 February 1996 10:21:32 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 30 April 2020 16:20:18 UTC