W3C home > Mailing lists > Public > public-bpwg@w3.org > January 2009

Re: ACTION-893: Start putting together a set of guidelines that could help address the security issues triggered by links rewriting.

From: Luca Passani <passani@eunet.no>
Date: Wed, 21 Jan 2009 00:40:30 +0100
Message-ID: <497660EE.1030805@eunet.no>
To: MWI BPWG Public <public-bpwg@w3.org>

Tom Hume wrote:
>
>
> I just gave you an example of a case where degrading HTTPS would be OK 
> from the content providers POV. I can *guarantee* you it exists - I 
> was that content provider. If there's one, there's probably others. 
> And I'm not saying this means it's OK to routinely degrade security...

so, if you agree that degrading security routinely is not OK, just say 
it, request that CTG demands that HTTPS links are not rewritten and 
let's stop this this discussion in which, what is left, is transcoder 
vendors' interests against the rest of the world.

Opt-in whitelists for websites can be discussed in a new separated thread.

Luca
Received on Tuesday, 20 January 2009 23:41:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 25 March 2022 10:09:53 UTC