ISSUE-123

Safe Form Bar: HTTP assumptions in "no TLS" section

State:
CLOSED
Product:
wsc-xit-past-062008
Raised by:
Thomas Roessler
Opened on:
2007-10-11
Description:
The current text assumes that there is always a meaningful interaction that can be described as "see if there's a secure version of this." The text seems to assume that the form the editor bar is dealing with was retrieved by way of a GET request; in this event, the assumption probably (but not always) holds.

In case of POST, the assumption most of the time *won't* hold.

See also RFC 2616, safe vs unsafe.
Related Actions Items:
Related emails:
  1. WSC Open Action Items (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-02-15)
  2. Re: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23 (from hahnt@us.ibm.com on 2008-01-23)
  3. RE: Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23 (from dan.schutzer@fstc.org on 2008-01-23)
  4. Agenda: WSC WG distributed meeting, Wednesday, 2008-01-23 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-01-22)
  5. Re: ACTION-369: webarch implications of 7.2 (from tlr@w3.org on 2008-01-17)
  6. ISSUE-181: Should there be an authoring practice suggesting http/https URI space consistency [wsc-xit] (from sysbot+tracker@w3.org on 2008-01-17)
  7. Re: ACTION-369: webarch implications of 7.2 (from ifette@google.com on 2008-01-17)
  8. ACTION-369: webarch implications of 7.2 (from tlr@w3.org on 2008-01-17)
  9. Meeting record: WSC WG weekly 2008-01-09 (from tlr@w3.org on 2008-01-16)
  10. [fwd] 09-wsc-minutes.html (from: Anil.Saldhana@redhat.com) (from tlr@w3.org on 2008-01-12)
  11. WSC Open Action Items (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-01-11)
  12. Agenda: WSC WG distributed meeting, Wednesday, 2008-01-09 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2008-01-08)
  13. Re: ISSUE-123 - Safe Form Bar: HTTP assumptions in 'no TLS' section (from tlr@w3.org on 2007-12-19)
  14. ISSUE-123 - Safe Form Bar: HTTP assumptions in 'no TLS' section (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-12-19)
  15. RE: Agenda: WSC WG distributed meeting, Wednesday, 2007-12-19 (from dan.schutzer@fstc.org on 2007-12-19)
  16. Re: Agenda: WSC WG distributed meeting, Wednesday, 2007-12-19 (from tlr@w3.org on 2007-12-19)
  17. RE: Agenda: WSC WG distributed meeting, Wednesday, 2007-12-19 (from wdoyle@mitre.org on 2007-12-19)
  18. Agenda: WSC WG distributed meeting, Wednesday, 2007-12-19 (from Mary_Ellen_Zurko@notesdev.ibm.com on 2007-12-18)
  19. ISSUE-123: Safe Form Bar: HTTP assumptions in 'no TLS' section [Techniques] (from sysbot+tracker@w3.org on 2007-10-11)

Related notes:

http://www.w3.org/2006/WSC/drafts/rec/rewrite.html#safebar-comparecn

Thomas Roessler, 11 Oct 2007, 10:36:29

Safe Form Editor did not make it into wsc-ui.

Tyler Close, 16 Sep 2008, 20:53:06

Display change log ATOM feed

Mary Ellen Zurko <mzurko@us.ibm.com>, Chair, Thomas Roessler <tlr@w3.org>, Staff Contact
Tracker (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 123.html,v 1.1 2010/10/11 09:35:05 dom Exp $