Re: Proposal: Marking HTTP As Non-Secure

On Thu, Dec 18, 2014 at 5:10 PM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
> ...
> Four proposed fine-tunings:
>
>  A) i don't think we should remove "This website does not supply
> identity information" -- but maybe replace it with "The identity of this
> site is unconfirmed" or "The true identity of this site is unknown"
None of them are correct when an interception proxy is involved. All
of them lead to a false sense of security.

Given the degree to which standard bodies accommodate (promote?)
interception, UA's should probably steer clear of making any
statements like that if accuracy is a goal.

Received on Thursday, 18 December 2014 22:22:38 UTC