Re: [whatwg] Fetch, MSE, and MIX from Ryan Sleevi on 2015-04-17 (public-webappsec@w3.org from April 2015)

From: Ryan Sleevi <sleevi@google.com>
Date: Fri, 17 Apr 2015 14:57:12 -0700
To: Brian Smith <brian@briansmith.org>
Cc: Mark Watson <watsonm@netflix.com>, Anne van Kesteren <annevk@annevk.nl>, Martin Thomson <martin.thomson@gmail.com>, Aaron Colwell <acolwell@google.com>, Brad Hill <hillbrad@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Matthew Wolenetz <wolenetz@google.com>, WHATWG <whatwg@whatwg.org>, Domenic Denicola <d@domenic.me>, "public-html-media@w3.org" <public-html-media@w3.org>
Message-ID: <CACvaWvbRFtF+KZeP209zPkd1TG=-X2_okwgyLDxz8ATXyne4iA@mail.gmail.com>

On Fri, Apr 17, 2015 at 2:54 PM, Brian Smith <brian@briansmith.org> wrote:

> > As it stands, the absence of this solution makes several much less
> secure or
> > interoperable options more desirable, both from a technological
> perspective
> > and a user-experience.
>
> Such as?
>

NPAPI-based solutions, obviously.


> Personally, I think that unless and until a content provider is
> willing to post on this list saying that they feel they need this and
> why nothing else we can do would be an acceptable alternative, then we
> should just shelve the issue of making an exception for mixed-content
> MSE completely.
>

This is a suprisingly absolutist position, for reasons you've not really
expanded upon.

Received on Friday, 17 April 2015 22:00:51 UTC