Marking HTTP As Non-Secure from Raúl Martínez on 2015-11-05 (public-webappsec@w3.org from November 2015)

From: Raúl Martínez <rme@rme.li>
Date: Thu, 5 Nov 2015 16:35:19 +0100
To: public-webappsec@w3.org, blink-dev@chromium.org, security-dev@chromium.org, dev-security@lists.mozilla.org
Message-ID: <CA+8=xuJ6kXEau5F2_4FoK_hneR5sn80txEPG6fN9qfmeD=4v-g@mail.gmail.com>

Hi,
Latest Forefox nightly build (44) marks HTTP as non secure if the page
contains a password input.

Today I read again the proposal (
https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure)
and I realise that year 2015 is about to end and currently no browsers are
even marking http as dubious.

What are the plans un Chrome and Firefox for this proposal? What is the
planned roadmap?

Thanks

Received on Friday, 6 November 2015 08:31:31 UTC