sayrer: it scares me that you are editing an html specification and are asking that question. i really don’t have the time to teach you elementary web design, sorry.
O’Reilly got burned by remote JS. Douglas Crockford’s module element would help with this sort of attack. I don’t feel so positively about all of the “Fixing HTML” page, but the module piece looks great. If only there were more details on the “common capability communication” mechanism.