Re: Upgrade mixed content URLs through HTTP header

On 02/03/2015 04:00 AM, Mike West wrote:
> That's not what I mean to say. With regard to the W3C, my (apocryphal?*)
> understanding is that the main blocker to deploying HTTPS more widely is
> legacy clients, not legacy content, and that they'd need to alter the
> source in order to get over that hurdle. The legacy concern was specific to
> this example, not a general statement on adding features to the platform.
> 
> *Wendy (hi!) could probably comment here.

My understanding of the problem on W3C's site is a combo of huge amounts
of legacy content and desire to continue making resources available to
legacy clients.

(I think we as a site should upgrade top-level pages to HTTPS, serve the
mixed content and upgrade additional pages and their resources over
time, but I don't set site policy.)

--Wendy

-- 
Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
http://wendy.seltzer.org/        +1.617.863.0613 (mobile)

Received on Tuesday, 3 February 2015 10:11:36 UTC