On Tue, Oct 7, 2014 at 9:04 AM, Anne van Kesteren <annevk@annevk.nl> wrote: > On Tue, Oct 7, 2014 at 5:59 PM, Justin Uberti <juberti@google.com> wrote: > > 2) this breaks real, existing applications, e.g. http://webcamtoy.com/ > > It seems they could easily move to use an authenticated origin, no? > > > > 3) makes trying/experimenting with webrtc difficult, e.g. > > http://jsfiddle.net, or http://localhost > > Same for jsfiddle.net. localhost is already an authenticated origin. > > > Some short term breakage should not outweigh long term pervasive > monitoring. > > These are just some arbitrarily selected examples. The point is that short term breakage would not be insignificant. While I agree that we should encourage web developers to upgrade to HTTPS, singling out WebRTC developers seems like the wrong way to go about this.
Received on Tuesday, 7 October 2014 18:01:13 UTC