W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2014

Re: SRI, cache validation and ServiceWorkers

From: Alex Russell <slightlyoff@google.com>
Date: Tue, 20 May 2014 09:04:03 -0700
Message-ID: <CANr5HFX6-OaX6C04qxBLtyY039mhWivq8dKnBqwTR04PKbYcHA@mail.gmail.com>
To: Daniel Appelquist <Daniel.Appelquist@telefonica.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, www-tag <www-tag@w3.org>, Jake Archibald <jakearchibald@google.com>
On Tue, May 20, 2014 at 3:05 AM, Daniel Appelquist <
Daniel.Appelquist@telefonica.com> wrote:

> Alex - Fundamentally I agree with you that the move to more TLS on the Web
> is a good thing - AND I also think it’s important to listen to the
> concerns of the developers (including some relatively large-scale sites)
> about the move to https.  The third party ad network thing is important -
> this is how a lot of the Web pays its bills right now.


These aren't systems that would work transparently offline in the first
place. Major architecture and integration challenges exist to rationalize
web ad serving and the offline experience (particularly around impression
reporting). This isn't simply us taking something away: if the want to opt
into Service Worker integration, SSL/TLS is likely not the largest hurdle.
In fact, I suspect it's a relatively minor point.

As I said before, this is carrot, not stick. It in no way changes how the
bills get paid for existing content. Luddite ad networks and publishers can
continue in their current mode indefinitely.

Regards


> >Replying here because my previous response didn't cc the TAG. Apologies
> >for thread-splitting.
> [snip]
Received on Tuesday, 20 May 2014 16:05:01 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:05 UTC