9865 – Encrypted HTML5 forms

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 9865 - Encrypted HTML5 forms

Summary: Encrypted HTML5 forms

Status:	VERIFIED INVALID

Alias:	None

Product:	HTML WG
Classification:	Unclassified
Component:	pre-LC1 HTML5 spec (editor: Ian Hickson) (show other bugs)
Version:	unspecified
Hardware:	PC All

Importance:	P5 enhancement
Target Milestone:	---
Assignee:	Ian 'Hixie' Hickson
QA Contact:	HTML WG Bugzilla archive list

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2010-06-06 09:50 UTC by ryan14
Modified:	2010-10-09 15:29 UTC (History)
CC List:	6 users (show)

See Also:

Attachments

Description ryan14 2010-06-06 09:50:42 UTC

The HTML5 forms where users can type text, usernames, passwords, etc, should have encryption. So apart from having un-encrypted HTML5 forms, there should be encrypted HTML5 forms too.

I know people can use https(SSL) to encrypt HTML5 forms, but I'm talking about encryption between the HTML5 forms and the web browser, so if a user has a keylogger or spyware installed on their computer and they type text into an encrypted HTML5 form, the keylogger won't be able to see the text, so by having an encrypted HTML5 form tag, developers can encrypt their HTML5 forms without the user needing encryption software installed on their computer.

Comment 1 Andreas Kuckartz 2010-06-07 08:06:42 UTC

Implementors are free to use encryption internally, but that has no influence on the HTML5 spec.

Keyloggers see what is typed. That does not depend on the User Agent (web browser).