- From: <passani@eunet.no>
- Date: Tue, 20 Jan 2009 23:39:54 +0100 (CET)
- To: "Tom Hume" <Tom.Hume@futureplatforms.com>
- Cc: "Mobile Web Best Practices Working Group WG" <public-bpwg@w3.org>
> How would it work from a content providers perspective? Would they > need to register their service individually, or would some sort of > aggregated whitelist make sense? I've wondered about such things > before [1]... I never heard of a content provider or developer who, one fine morning, realised that, while they wanted to keep HTTPS-only login to their website, at the same time they also wanted a mobile site, they were not OK with building their own, but they liked the idea that someone would do it for them through transcoding, all of this without even having to care to authorize transcoders to by-pass the HTTPS security they peviously implemented. In short, you are on pretty thin ice here trying to find legitimate scenarios to break HTTPS for your transcoding friends. Luca
Received on Tuesday, 20 January 2009 22:40:30 UTC