Intent to deprecate: Insecure usage of powerful features

Please note that the main discussion for this is intended to be on the
blink-dev@chromium.org mailing list (
https://groups.google.com/a/chromium.org/forum/#!forum/blink-dev). However,
to alert relevant groups of the intent, we have bcc’d the following lists
on this email:

security-dev@chromium.org

dev-security@lists.mozilla.org

public-webappsec@w3.org

public-web-notification@w3.org

public-device-apis@w3.org

public-geolocation@w3.org

public-html-media@w3.org We want to start applying the concepts in
https://w3c.github.io/webappsec/specs/powerfulfeatures/ to features that
have already shipped and which do not meet the (new, not present at the
time) requirements. We want to start by requiring secure origins for these
existing features: - Device motion / orientation - EME - Fullscreen -
Geolocation - getUserMedia As with gradually marking HTTP as non-secure (
https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure),
we expect to gradually migrate these features to secure-only, based on
thresholds of usage, starting with lowest usage and moving towards higher.
We also expect to gradually indicate in the UX that the features are
deprecated for non-secure origins. The deprecation strategy for each of
these features is not decided on and may very well differ from feature to
feature. We don’t currently know what the thresholds will be, or how
heavily used the features are on what kinds of origins. We are in the
process of gathering data, and will report back when we have it. There are
no firm plans at all at this time, other than eventual deprecation. We
intend for this to stimulate a public discussion of the best way to
approach this deprecation. So, to that point, we'd love to hear what the
community thinks.


Thanks,

Joel Weinberger, Chrome Security

Received on Thursday, 26 February 2015 23:26:13 UTC