Re: ACTION-893: Start putting together a set of guidelines that could help address the security issues triggered by links rewriting.

Tom Hume wrote:
>
>
> I just gave you an example of a case where degrading HTTPS would be OK 
> from the content providers POV. I can *guarantee* you it exists - I 
> was that content provider. If there's one, there's probably others. 
> And I'm not saying this means it's OK to routinely degrade security...

so, if you agree that degrading security routinely is not OK, just say 
it, request that CTG demands that HTTPS links are not rewritten and 
let's stop this this discussion in which, what is left, is transcoder 
vendors' interests against the rest of the world.

Opt-in whitelists for websites can be discussed in a new separated thread.

Luca

Received on Tuesday, 20 January 2009 23:41:09 UTC