Re: [UPGRADE] Consider plan B for reduced complexity?

On Mon, Mar 16, 2015 at 10:11 AM, Peter Eckersley <pde@eff.org> wrote:

> Daniel's proposal to make UPGRADE-like behaviour the default (with HSTS2
> as a way to make HSTS safely enableable on the same origins) allows
> sites to do resource-specific, or user-specific, migration from HTTP to
> HTTPS if they want to.
>

How? Without an explicit signal (from the server or the client), it's not
clear to me how you'd choose which users you could safely send to HTTPS for
a given resource. Could you spell this out in a little more detail?

(As an aside: I don't at all think that Daniel's proposal runs counter to
the UPGRADE spec. I think we can evaluate how to make aspects of that spec
default behavior in parallel to shipping it as an opt-in.)


> Is the main issue that you're flagging here the fact that sites can't
> similarly UPGRADE the optionally blockable mixed content on the
> resources of their choice?
>

The main issue I was flagging was control, and it's not clear to me how
you're proposing that it would be dealt with in an on-by-default world.
Maybe we're proposing the same thing? :)

Optionally-blockable mixed content is certainly also an important issue,
though, as it creates UI degradation, which developers very much wish to
avoid (as noted in #2 in the email you're responding to).

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

Received on Monday, 16 March 2015 09:27:27 UTC