- From: Mark Watson <watsonm@netflix.com>
- Date: Thu, 21 Aug 2014 16:37:21 -0700
- To: Adam Langley <agl@google.com>
- Cc: "Eduardo' Vela" <evn@google.com>, Chris Palmer <palmer@google.com>, Jim Manico <jim.manico@owasp.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Sent from my iPhone

> On Aug 21, 2014, at 4:21 PM, Adam Langley <agl@google.com> wrote:
>
>> On Thu, Aug 21, 2014 at 3:29 PM, Eduardo' Vela" <Nava> <evn@google.com> wrote:
>> I do not get why Geolocation [...] need to be SSL only.
>
> Let's just take this one for a moment. We're giving the web platform a
> fairly significant power here and it's pretty reasonable to want to
> take the sharp edge off it.
>
> When we ask the user whether they want to share their location with
> example.com,

Wouldn't it be more accurate to say to the user, at this point, "This website wishes to access your location. However, we can't reliably determine the identity of the website and it may send your location information in a way that is not protected against eavesdropping. Do you want to proceed?" ?

> it's not reasonable to turn around later and say "oh,
> didn't you notice the lack of https? It's thus completely your fault
> that you inadvertently shared your location with example.com and also
> your ISP, government, etc.". We don't want to build a world where that
> sort of information is commonly sent in the clear
>
> But the aim is not to make experimentation hard either. It really
> shouldn't be, it's just that setting up a local CA and the DNS for
> experimentation is harder than it should be. If loopback adaptors
> weren't configured by default then HTTP would be a pain to experiment
> with also. If I had lots of free time, I'd submit patches to distros
> to make it easier. But that's a much better direction than a clear
> text world.
>
>
> Cheers
>
> AGL

Received on Thursday, 21 August 2014 23:37:48 UTC