- From: Pete Snyder <psnyder@brave.com>
- Date: Thu, 11 Apr 2019 08:25:32 -0700
- To: Mark Nottingham <mnot@mnot.net>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Hi Mark, Point taken! Two follow up thoughts on this: 1) This isn’t _that_ different from the new semi-practice of gating things behind HTTPS (though I take your point that HTTP2 vs HTTP3 is _even_ harder for the developer to control than HTTP vs HTTPS) 2) Do you have ideas for other big-shiny new upcoming features we could use as a carrot to get people to opt into a more privacy-respecting feature set? Pete > On Apr 10, 2019, at 9:22 PM, Mark Nottingham <mnot@mnot.net> wrote: > > > >> On 11 Apr 2019, at 4:36 am, Pete Snyder <psnyder@brave.com> wrote: >> >> 4) Add idea of feature policy for scripts, define default restrictive feature policy for scripts, make this the default for sites taking advantage of Y new nice feature (HTTP3 / QUIC, etc.) > > I think you're going to see significant pushback from the community if you gate adoption of backwards-compatible protocols on things like this. > > Typically, the protocol version in use is determined by operations folks, not the Web developer, and is often part of configuration of a third party (e.g., web hoster, CDN) that might not be under their full control. Making features unavailable based upon the underlying protocol is likely to cause a fair amount of chaos for them. > > Cheers, > > > -- > Mark Nottingham https://www.mnot.net/ >
Received on Thursday, 11 April 2019 15:26:00 UTC