[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Greg Turpin <gregturp () home ! com>
Date:       2001-08-02 7:59:25
[Download RAW message or body]

Regarding SSL autocompletion:

  I just spoke with my roommate (my testbed for user-end
decisions) about autocompletion.  He HATES it.  I simply
mentioned the word "autocompletion" and he reacted
with disgust.  He doesn't want it at all.
He picked up on the security implications immediately.

  I then asked him if it would help that it is disabled
for SSL forms so that critical information would not
be stored.
  "Yeah, that's better." (direct quote)

  He hates autocompletion for anything (mostly
because of his insecure, proprietary, single-user
operating system : ) but I think that his "user-end"
opinion matters.

My humble opinion:
  For KDE 2.2 I think that we should disable
autocompletion for secure forms.  Since we are
in a message freeze (and will be until after KDE 2.2.1)
we should add the Control Center option to enable SSL autocompletion
AFTER the message freeze.

I think this appeals to security needs as well as user needs.
Autocompletion will still be around for input fields that
do not (generally) require security.

Greg Turpin
 
>> Visit http://master.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<

[prev in list] [next in list] [prev in thread] [next in thread]