W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: something I don't get about the current plan...

From: Mike Belshe <mike@belshe.com>
Date: Sun, 17 Nov 2013 14:21:43 -0800
Message-ID: <CABaLYCsQ9b_LTZJx_dwqxx8uSViyT-ofLGiF880cZYX8Lgjchg@mail.gmail.com>
To: Nicolas Mailhot <nicolas.mailhot@laposte.net>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
On Sun, Nov 17, 2013 at 2:18 PM, Nicolas Mailhot <
nicolas.mailhot@laposte.net> wrote:

>
> Le Dim 17 novembre 2013 23:12, Mike Belshe a écrit :
>
> > There are a million apps in the app store, and every one of them had to
> go
> > get a cert and keep it up to date.  Why is it harder for the top-1million
> > websites to do this?
>
> Because you're not designing for the to-1million websites, you're
> designing for everyone including people who think green text on pink
> background is pretty and don't want their web site go down every year
> because their cert expired.
>

No.  This is a change that only affects the servers, not the clients.  The
client UI gets easier when security is on all the time.  I cited those
research reports yesterday.

UI research on mixed mode security has been very clear - we have yet to
find anything that works.

Mike







>
> --
> Nicolas Mailhot
>
>
Received on Sunday, 17 November 2013 22:22:10 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC