Re: Proposal: Prefer secure origins for powerful new web platform features from Chris Palmer on 2014-08-21 (public-webappsec@w3.org from August 2014)

From: Chris Palmer <palmer@google.com>
Date: Thu, 21 Aug 2014 16:22:11 -0700
To: "Eduardo' Vela" <evn@google.com>
Cc: Jeffrey Yasskin <jyasskin@google.com>, Mark Watson <watsonm@netflix.com>, Jim Manico <jim.manico@owasp.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAOuvq21CEBv8TvZLb8PpRjOmwfQ2XTmPr9_d9Xsb1+j8_0dZEg@mail.gmail.com>

On Thu, Aug 21, 2014 at 4:14 PM, Eduardo' Vela" <Nava> <evn@google.com> wrote:

> Building a cool website will now require a Google account (or an Amazon
> account, or a VeriSign account). And in a world without these actors, you
> have to bypass SSL warnings.

It used to require a university account. It will always require *something*.

>> https://citizenlab.org/2014/08/cat-video-and-the-death-of-clear-text/
>> perhaps.
>
> Making geolocation permission not sticky across page reloads would fix that
> I assume.

Note: We are talking about geo*fencing*, not mere geolocation.

Received on Thursday, 21 August 2014 23:22:38 UTC