- From: Eric J. Bowman <eric@bisonsystems.net>
- Date: Mon, 8 Dec 2014 17:47:16 -0700
- To: Mark Nottingham <mnot@mnot.net>
- Cc: "www-tag@w3.org List" <www-tag@w3.org>
Mark Nottingham <mnot@mnot.net> wrote: > > We've started work on a new Finding, to a) serve as a Web version of > the IAB statement, and b) support the work on Secure Origins in > WebAppSec. > And what of arguments against HTTPS everywhere? Could this document at least pay lip service to potential downsides, i.e. the death of shared caching for resources which really don't need encryption, or the flaws in the CA system? Or has the TAG deemed these arguments irrelevant; in which case, maybe explain why? For us Dilbert Dinosaurs with our flip phones, Windows XP and basic cable? -Eric
Received on Tuesday, 9 December 2014 00:47:34 UTC