Re: Chrome WebVR avaliable only on secure origins

tnx
had not thought of that...
that is a lot of potential use
stopped dead

jeffs
--
Jeff Sonstein
Assoc. Prof. (ret'd)
College of Computing, R.I.T.


> On Jul 14, 2016, at 8:28 AM, Kieran Farr <kieran.farr@gmail.com> wrote:
> 
> Just one point I haven't seen mentioned yet wrt China. In my past role for video streaming company, we worked on a few projects for customers with users in China. Anything served over SSL from a non-Chinese origin had a *significantly* higher chance of being blocked by great firewall, to the point where we recommended for practical reasons that in-country users access out-of-country content NOT via SSL, OR to go through a very onerous process with a Chinese entity to register to have a Chinese based server and cert.
> 
> 
>> On Thu, Jul 14, 2016 at 2:16 PM, Jeff Sonstein <jsonstein@gmail.com> wrote:
>> +1
>> Sandy is right
>> 
>> jeffs
>> --
>> Jeff Sonstein
>> Assoc. Prof. (ret'd)
>> College of Computing, R.I.T.
>> 
>> 
>>> On Jul 14, 2016, at 8:12 AM, Ressler, Sandy (Fed) <sressler@nist.gov> wrote:
>>> 
>>> While I agree with the motivations of creating a more secure web…it seems odd to have special implementation restrictions for WebVR as opposed to any other media delivery. Certainly at the very least if HTTPS only turns out as a requirement there needs to be a flag aka Tony’s 
>>> 
>>> --allow-file-access-from-files
>>> 
>>> 
>>> Personally I thinks it’s overkill and overly prescriptive, the whole issue of HTTPS should be dealt with at the HTTPS level independent of content types and existing CORS restrictions treat all content uniformly. Onward…Sandy
>>> 
>>> 
>>> 
>>> Sandy Ressler
>>> High Performance Computing and Visualization Group
>>> National Institute of Standards and Technology
>>> 100 Bureau Drive, STOP 8911
>>> Gaithersburg MD, 20899
>>> (301) 975-3549 Fax: (301) 975-3218
>>> sressler@nist.gov      @sressler
>