- From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
- Date: Mon, 13 Apr 2015 12:32:40 +0300
- To: Glen <glen.84@gmail.com>
- Cc: Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
On Mon, Apr 13, 2015 at 11:10:06AM +0200, Glen wrote: > Well protecting some is better than protecting none at all. Some things are just worse than useless. > Also: > > - I don't believe that it will be that frequent. A lot of the larger sites > are already on HTTPS (Google, Facebook, Twitter, etc.), and many more will > follow, especially if Firefox/Chrome refuse to support HTTP/2 without TLS. > - The message does not have to be "obscure", it could be written in layman's > terms, with links to additional information. > > Do you honestly believe that letting users unknowingly submit private data > (including passwords) over HTTP is the better option? This has been tried. It did not work. - If dialog has "don't show this again" option, it will be checked. - If not, the dialog will be dismissed unread (the user never even recognizing that the warning existed) after the first few times. -Ilari
Received on Monday, 13 April 2015 09:33:06 UTC