- From: Jim Manico <jim.manico@owasp.org>
- Date: Thu, 21 Aug 2014 21:04:57 -0500
- To: Adam Langley <agl@google.com>
- Cc: "Eduardo' Vela" <evn@google.com>, Chris Palmer <palmer@google.com>, Mark Watson <watsonm@netflix.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
> I do not get why Geolocation [...] need to be SSL only. Make it SSL by default and allow the developer to go through a few hoops to turn it off. Then ensure browsers provide warnings to users when geoLoc data is sent over HTTP... This seems to be a good balance between privacy (browser warnings), developer needs (HTTP support), and security (default to SSL). -- Jim Manico @Manicode (808) 652-3805 > On Aug 21, 2014, at 6:21 PM, Adam Langley <agl@google.com> wrote: > >> On Thu, Aug 21, 2014 at 3:29 PM, Eduardo' Vela" <Nava> <evn@google.com> wrote: >> I do not get why Geolocation [...] need to be SSL only. > > Let's just take this one for a moment. We're giving the web platform a > fairly significant power here and it's pretty reasonable to want to > take the sharp edge off it. > > When we ask the user whether they want to share their location with > example.com, it's not reasonable to turn around later and say "oh, > didn't you notice the lack of https? It's thus completely your fault > that you inadvertently shared your location with example.com and also > your ISP, government, etc.". We don't want to build a world where that > sort of information is commonly sent in the clear > > But the aim is not to make experimentation hard either. It really > shouldn't be, it's just that setting up a local CA and the DNS for > experimentation is harder than it should be. If loopback adaptors > weren't configured by default then HTTP would be a pain to experiment > with also. If I had lots of free time, I'd submit patches to distros > to make it easier. But that's a much better direction than a clear > text world. > > > Cheers > > AGL
Received on Friday, 22 August 2014 02:10:29 UTC