Re: Fwd (TAG): Draft finding - "Transitioning the Web to HTTPS"

On Tue, Dec 30, 2014 at 2:27 PM, Marc Fawzi <marc.fawzi@gmail.com> wrote:

> Not saying not to pursue security or "more security than no security" What I'm saying is that both the choice of having security as well as the way in which it is achieved should not be a top down one-solution-fits-all decree by the W3C/TAG. I think web stack vendors should empower all kinds of solutions and approaches and the TAG/W3C should not promote just one model that it has determined to be the ultimate model but be all inclusive and give support and acknowledgement for other approaches (decentralized, hybrid, whatever) and  a chance of those models making it into the standards process upon maturing. I don't understand the fixation with TLS.

TLS is the transport layer security protocol we have. It is widely
supported and deployed.

Any proposed competitor for TLS — are you proposing one? — is likely
to be roughly as complex and is likely to take roughly as long to
develop as TLS has.

Received on Tuesday, 30 December 2014 22:32:22 UTC