W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2015

Re: UPGRADE: 'HTTPS' header causing compatibility issues.

From: Mike West <mkwst@google.com>
Date: Tue, 30 Jun 2015 13:51:06 +0200
Message-ID: <CAKXHy=fJRvqep99RLn-uFe2r7LgOixyjm6E2p8EWc_ekZ4+m6w@mail.gmail.com>
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Adrian Hope-Bailie <adrian@hopebailie.com>, "Nottingham, Mark" <mnotting@akamai.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Tue, Jun 30, 2015 at 11:40 AM, Anne van Kesteren <annevk@annevk.nl>

> On Tue, Jun 30, 2015 at 11:18 AM, Adrian Hope-Bailie
> <adrian@hopebailie.com> wrote:
> > I would suggest that it's simply the header name causing the issue and
> > changing to "TLS" or "HTTPS-Preferred" or similar will solve it.
> Slight preference towards avoiding TLS in names as long as OE is a thing.

Slight preference towards avoiding a month-long bikeshed-painting
expedition. :)

Since Chrome isn't likely to implement OE, "TLS" is ambiguous only in
Firefox at the moment. It's not clear to me that it's worth worrying
about... Also, "TLS" is short.

If you have a concrete suggestion, though, I'd happily consider it!


Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)
Received on Tuesday, 30 June 2015 11:51:54 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC