Encrypt the File using the "Save" or "Save As" option.



17 years ago
14 years ago


(Reporter: fletchsod, Assigned: asa)


Firefox Tracking Flags

(Not tracked)




17 years ago
User-Agent:       Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)
Build Identifier: 

I received an unusual requirement from the credit bureaus, Experian.  As we 
know, Mozilla is no longer a web browser by itself but of anything.  The 
request is that the file be 128-bit encrypt when saving the inquiry data to the 
hard disk.  The purpose of this is to protect the sensitive information from 
hacking or unauthorized access.  For the sake of this, just test it with any 
webpage you visit and save it.

Reproducible: Always

Steps to Reproduce:
1. Go to any website.
2. Save any webpage with either the "Save" option and/or "Save As" option.
3. Save it to where you want to save it to.

Actual Results:  
File is saved with no encryption features.

Expected Results:  
Save File with encryption when requested or required.

Decided to put this down as Request for Enchancement.  Internet Explorer 
doesn't even have this feature either.  Encryption Keys???  I dunno!


17 years ago
Ever confirmed: true


17 years ago
OS: Windows 2000 → All
Hardware: PC → All

Comment 1

17 years ago
WONTFIX.  This is just plain silly.

Whose data is it?  If we are talking about people inside Experian looking at 
random credit reports, then Experian should use an encrypting file system or 
something similar.

If we're talking about home users accessing their own credit reports, then it's 
their data - let them decide what they want to do with it, and what 
restrictions they want to put on it.

Otherwise, you're going down the road of mandated access controls and mandatory 
DRM 'for the sake of the users' - better make sure we disable the Print 
function in case they print off a copy, too...
Last Resolved: 17 years ago
Resolution: --- → WONTFIX

Comment 2

17 years ago
No, this is not about the internet SSL encryption.  Mozilla is evolving to 
become a platform of anything, it is becoming less and less of a web browser.  
I have seen people talk of one gecko project as an internet operating system.  
I have seen other talk of project that use gecko as an application on the 
refrigerators.  There is one by Slyware (spelling????) where people can open up 
the application on the computer and select a movie to watch.  This is what 
gecko is all about.  

I saw one bug report in the bugzilla on Tech Evangelism but it turned out that 
the webmaster's reason for making the website be accessable by IE only because 
it work with visual basic and with MS javascript code that can open up the 
spreadsheet, read it and display it in html.  Gecko doesn't have this feature 

Since the person from comment #1 doesn't agree with me so I'm not gonna worry 
about it.  Experian won't approve my company for customer use because the web 
browser doesn't have the feature to save the file as encrypted file where the 
certain user can type in a password to read the file right from the desktop.  
So, I had no choice but to prevent the non-IE browsers from using my company's 
website because of that.  I'm working on embedding the VB Script and Active-
Control into the webpage to enable this feature since IE support this feature.  
Experian told me they have other customer that use software on their machine 
that can send and receive inquiry from Experian through the network, they 
aren't even a web browser.

I'm gonna leave hte bug status unchanged.  One day, someone at Mozilla will 
step up the plate and make it become a reality somehow.  So, I'm not going to 
worry about it.

Comment 3

17 years ago
I know this isn't about SSL, but it is still about mandating access controls to
user's information, which is a little silly.  Like I said, hope they don't print
out a copy and leave it lying about...

Anyway, IE doesn't have the facility to save a page as an encrypted file, either
(unless you're saving to an EFS filesystem, and Mozilla would support that too).
 And nothing in the Windows operating system *as standard* will prompt the user
to type in a password to open an encrypted file.

You mention that you're going to embed script and an ActiveX control into the
webpage to support this, so *you* aren't relying on IE's native behaviour either.

You could:
1. Find the bug that's about supporting ActiveX controls in Mozilla and help get
that fixed.  It's probably WONTFIX though, so instead ...
2. Use JavaScript instead of VBScript on the client.  Same difference, works in
both browsers.
3. Use a netscape plugin instead of an ActiveX control, which will also work in
both IE and Opera, and be cross-platform too, not just restricted to Win32. 
Client-side signed Java might also be an option, though the different capability
models you'll need to use to get local file access might be a pain.

I'm sure there are plenty of other ways to achieve the same thing, but none of
them involve building file-save encryption into Mozilla.

Comment 4

17 years ago
Not a problem!  Experian is well, Experian!  I'm still floating on the idea 
about the Java and other stuffs where I can make it more compactible with 
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.