On second thought, this is not where the *real* security happens though. The real security needs to happen on the backend. (Otherwise someone can just "forge" a form and submit to your XOOPS site a piece of text containing any tags he/she wishes). So the backend is where the tag restrictions etc. must happen.
It would be nice for the site visitors if the front-end (i.e. htmlarea) matched the acceptable set of tags though.
Seems like a reasonably big job though entirely possible. If XOOPS does eventually adopt something like this, the *first* step is securing the back end possibly allowing non-admins to enter a limited set of tags. The next step would be adding the HTML area.
Remember also, not everyone likes HTMLareas. I much prefer editing in text mode (or code mode), and would prefer to see a textarea even if an htmlarea was supported. I'm sure there are at least a few others who would agree. Perhaps that could be a user preference.