W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2014

Re: Proposal: Marking HTTP As Non-Secure

From: Gervase Markham <gerv@mozilla.org>
Date: Fri, 19 Dec 2014 14:07:52 +0000
Message-ID: <54943138.5080907@mozilla.org>
To: Chris Palmer <palmer@google.com>
CC: blink-dev <blink-dev@chromium.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>, security-dev <security-dev@chromium.org>
To: mozilla-dev-security@lists.mozilla.org
On 18/12/14 19:29, Chris Palmer wrote:
> We don't currently have any hard thresholds, just numbers that I kind
> of made up. Any suggestions?
> Also, shall we measure resource loads, top-level navigations, minutes
> spent looking at the top-level origin, ...? Probably all of those and
> more...

Very good questions. All of those are interesting metrics; it would be
interesting to try and see, on a small scale, if any of the
harder-to-measure ones actually track the easier-to-measure ones! :-)

I'd say top-level is key, as that's what the UI indicators relate to.
Probably site count is a bit more important than minutes spent - and
easier and less privacy-invasive to track, to boot.

Received on Friday, 19 December 2014 14:08:22 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:08 UTC