- From: <bugzilla@jessica.w3.org>
- Date: Thu, 24 Jul 2014 19:44:44 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332 --- Comment #12 from Mark Watson <watsonm@netflix.com> --- (In reply to David Dorwin from comment #11) > (In reply to Mark Watson from comment #8) > > > > > > These would be mixed content scenarios, which should be addressed by > > > https://w3c.github.io/webappsec/specs/mixedcontent/. > > > > > > > Ironically, that URL results in an SSL Connection Error, which kind-of > > illustrates one of the problems. > > What browser are you using? It works fine for me in Chrome and Firefox. I > don't think the fact that SSL might not be configured correctly means we > should avoid using it. SSL needs to be configured and used correctly for > many other reasons. Chrome. It's working now after I cleared browsing data and restarted my machine. Don't really know what the problem was. The point is that SSL introduces additional failure modes and we have measured this in the field. For our service, we have a baseline for our playback failure rate which, according to our measurements, it is not possible to achieve if there is SSL involved even on the browser that is 'best' in this area (and the 'best' here is much better than the rest). > > (In reply to Mark Watson from comment #10) > > I suggest we revert those changes until we have consensus. > > What specifically do you want to revert? There is no normative requirement > for secure origins in the text. The current text provides information about > the issues to implementors and authors to help them make informed decisions. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Thursday, 24 July 2014 19:44:46 UTC