W3C home > Mailing lists > Public > www-tag@w3.org > December 2014

Re: Draft finding - "Transitioning the Web to HTTPS"

From: Eric J. Bowman <eric@bisonsystems.net>
Date: Mon, 8 Dec 2014 17:47:16 -0700
To: Mark Nottingham <mnot@mnot.net>
Cc: "www-tag@w3.org List" <www-tag@w3.org>
Message-Id: <20141208174716.124d2b980ad3baadd0ed28d1@bisonsystems.net>
Mark Nottingham <mnot@mnot.net> wrote:
>
> We've started work on a new Finding, to a) serve as a Web version of
> the IAB statement, and b) support the work on Secure Origins in
> WebAppSec.
> 

And what of arguments against HTTPS everywhere? Could this document at
least pay lip service to potential downsides, i.e. the death of shared
caching for resources which really don't need encryption, or the flaws
in the CA system?

Or has the TAG deemed these arguments irrelevant; in which case, maybe
explain why? For us Dilbert Dinosaurs with our flip phones, Windows XP
and basic cable?

-Eric
Received on Tuesday, 9 December 2014 00:47:34 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:33:27 UTC