W3C home > Mailing lists > Public > public-bpwg@w3.org > February 2009


From: Jeff Sonstein <jeffs@it.rit.edu>
Date: Tue, 10 Feb 2009 07:54:15 -0500
Message-Id: <1026DE6D-78D9-41BB-B341-7EDF5B9D408F@it.rit.edu>
To: member-bpwg@w3.org
Cc: public-bpwg@w3.org

just a quick note before the teleconf today
re feedback on the MWABP document
as per Action Ite  904:

there are more comments now
at http://chw.rit.edu/blog/?p=187
as per the action item requested
and there has been a spirited discussion
about the document
on Oxford Mobile Forum
and in other venues

it is *very* clear there is a community consensus
about the whole secure URI access issue...
the stance taken by pretty much everybody is that
if a site says :
"this URI should be accessed via a secure connection"
then the "Best Practices" document should say:
"honor the requirement for a secure connection"

I agree wholeheartedly with this perspective...
we are building a "Best Practices" document
which may or may not be the same as
the current practices of one site/vendor or another
and that is okay...

"Best Practices" should reflect what *should* happen

my position on this issue has become:

a site says "use HTTPS"
the "Best Practice" we should recommend is "use HTTPS"


Lyndon Johnson said the two things that
make politicians behave more stupidly
than anything else are sex and envy. You
might add one more: proximity. I always
think men are more prone to get seduced
by proximity into making unwise choices.
They tend to be a bit lazy. They'll grab the
closest doughnut off the platter.
- Maureen Dowd -

Prof. Jeff Sonstein

Received on Tuesday, 10 February 2009 12:55:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:09:53 UTC