"Bud P. Bruegger" wrote:
>
> I think XForms would be a very attractive component in a solution. I
> looked into it and it seems too early on to even track it. Any idea of how
> one could keep a migration path open towards XForms?
>
Other than using one of the vendor products that are pre-cursors and
then following them into standardization migration, no.
>
>
> I believe that the likelihood to have JavaScript on a browser is MUCH
> higher than Java--particularly if one requires a recent version of Java!
>
If we restrict ourselves to Netscape and Microsoft browsers, I think
it's the same, SUN leveled the playing field with JRE.
>
> Actually, the situation may get worse with an increasing choice of
> browsers, particularly small footprint ones in gadgets and devices... Will
> they all have JavaScript and Java?
>
Actually, I think it's higher probability that they will have java. See
embedded java already in smart cards and cell phones (only one cell
company not licensed for java!) But what kind of java? Embedded java
is much stripped down. And that will require serious rethinking about
purpose built devices versus general purpose computing devices with
applications installed on them.
>
>
> XSLT seems simple for very simple examples and hard for bigger ones. Yes,
> it is a touring complete language, but it is functional that requires a lot
> of rethinking from procedurally oriented people...
>
It will be interesting to see if the XML craze will encourage people to
understand functional programming!
>
>
> A home for this may be Enhydra's Rocks project (see
> http://xmlc.enhydra.org/ and
> http://xmlc.enhydra.org/community/workingGroups/rocks_docs/rocks_presentatio
> n_framework.pdf)
>
They just avoid the issue for now. If you want to do client side logic,
you must have some execution engine around. There is no way around that
that I can think of. What our current choices and what might be on the
horizon? java, javascript, XLST maybe and if all M/S you can add in vb
and VBS and soon C#.
>
> So IMO security is in increasingly getting in crisis until
> things like challenge and response smart cards or retina scanning are
> getting commonplace..
>
Well, I am just as guilty as anyone in promoting technological security
solutions. Security is a process that involves humans, as reliable as
they are. The single thing making security a crisis is that we have
favored technologies over process. As Bruce Schneier paraphrases, "If
you think technology is the answer for security, you don't understand
either security or technology."
I can't begin to tell you how much 'new tech' security solutions have
increased the writing down of passwords in large scale enterprises.
By rethinking the paradigm of how information is secured (security
following the information) I am hopeful that we will come back to IT
systems that pay attention to the human interactions that take place.
As to goverments of the world paying attention, they already know this
and in many cases it is not in their interests to promote this
paradigm. If anyone remembers content-labeling as a high security DOD
initiative, I once talked to DOD/NSA contractor who told me that
labeling fundamentally did not work in pratice. Yet the notion of
provider defined sensitivity levels and labeling is still being talked
about as standard practice in healthcare.
