W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: [whatwg] Fetch, MSE, and MIX

From: Ryan Sleevi <sleevi@google.com>
Date: Fri, 17 Apr 2015 14:57:12 -0700
Message-ID: <CACvaWvbRFtF+KZeP209zPkd1TG=-X2_okwgyLDxz8ATXyne4iA@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: Mark Watson <watsonm@netflix.com>, Anne van Kesteren <annevk@annevk.nl>, Martin Thomson <martin.thomson@gmail.com>, Aaron Colwell <acolwell@google.com>, Brad Hill <hillbrad@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Matthew Wolenetz <wolenetz@google.com>, WHATWG <whatwg@whatwg.org>, Domenic Denicola <d@domenic.me>, "public-html-media@w3.org" <public-html-media@w3.org>
On Fri, Apr 17, 2015 at 2:54 PM, Brian Smith <brian@briansmith.org> wrote:

> > As it stands, the absence of this solution makes several much less
> secure or
> > interoperable options more desirable, both from a technological
> perspective
> > and a user-experience.
> Such as?

NPAPI-based solutions, obviously.

> Personally, I think that unless and until a content provider is
> willing to post on this list saying that they feel they need this and
> why nothing else we can do would be an acceptable alternative, then we
> should just shelve the issue of making an exception for mixed-content
> MSE completely.

This is a suprisingly absolutist position, for reasons you've not really
expanded upon.
Received on Friday, 17 April 2015 22:00:51 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:48 UTC