W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2014

Re: Proposal: Prefer secure origins for powerful new web platform features

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 22 Aug 2014 08:09:41 +0200
Message-ID: <CADnb78hzFhVcWg-8SGrokaBG8h_qGk5sVQRDS53=iJ+hdjLA0A@mail.gmail.com>
To: Ian Melven <ian.melven@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Fri, Aug 22, 2014 at 7:13 AM, Ian Melven <ian.melven@gmail.com> wrote:
> I'm not seeing any arguments against requiring secure origins for certain
> functionality beyond the same old arguments against using SSL :
> * it costs some almost negligible amount of money
> * it requires some non-zero amount of work on the part of the website
> operator
> am i missing something ?

Yes, Netflix pointing out TLS would cost them non-negligible amounts
of money. Mark said he was getting data on that, so waiting for that
data seems like the best way forward here.

Received on Friday, 22 August 2014 06:10:08 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC