Date: Tue, 13 May 1997 20:56:03 +0200
From: Benjamin de la Porte des Vaux <delaport@ls7.informatik.uni-dortmund.de>
To: Marianne Mueller <mrm@Eng>
Subject: Re: Java Security Compatibility Tests
Then, after "100% Pure Java Program",
You want something like:
"100% Safe Java Browser".
It's surely a good Idea but, even if I
understand their "necessity", it
still sounds to me as something strange.
In my point of view, it is like beeing
in a restaurant and reading on the menu
a choice like that:
- soup ("du chef").
or
- 100% Pure Soup (without hairs).
But I agree with You, there is surely
people who would have fun to find long
blond hairs in their soup.
I believed that Java purpose was to be
restrictive in the beginning and to
allow more only if it doesn't disturb
the Java Safety.
I understand that You must allow some
freedom to Java-applications programmers.
But I don't think You should do that
for Java-applets programmers because I
think that a big part of Java's popularity
on the web is its safety purpose.
(but I could be wrong...)
The main problem with JavaScript is that
it is directly accessible threw URLs...
I totally agree that Java cannot make policy
decisions about how Java is used, but as
a toy for young children, it should be
impossible to use it in a dangerous(unsafe)
way. If Java is surely not a toy, programmers
are sometimes "young children"...
I've contacted Netscape and I've suggested
to add a checkbox "enable Java AND JavaScript"
and to put it in the Security preferences
which would have the advantage to point at
this problem as a Security problem.
Java is wonderful adventure and it must be
fascinating to be a part of it like You,
even if there is sometimes hard choices to do
(particularly in the Security-Team...).
I've found this discussion very pleasant,
interessant and instructive and, even if
I'm ready to continue it, I wanted to thank
You now for that.
Yours sincerely,
Benjamin.