Re: Proposal: Marking HTTP As Non-Secure

On Thu, Jan 28, 2016 at 8:46 AM, <jirkadanek7@gmail.com> wrote:

On Monday, January 25, 2016 at 8:44:35 PM UTC+1, clio...@mindspark.com
>> wrote:
>
> Hi all, what is the status of this proposal? It calls out for a deployment
> plan in 2015, but that did not materialize. What is the latest? Thanks!
>
> Regarding Chromium:
>
> """On Tuesday, during a presentation at the Usenix Enigma security
> conference in San Francisco, Google pushed the proposal out in the open
> with much more fanfare, and gave a sneak peek of how it’s going to look.
> (You can see the little red “x” on the padlock in the URL bar.)"""
>
> --
> https://motherboard.vice.com/read/google-will-soon-shame-all-websites-that-are-unencrypted-chrome-https
>

That article is inaccurate. That screenshot is from a presentation by
Cloudflare, not Google, and does not constitute an announcement from
Google. It's just what you can get by turning on the Mark Non-Secure
Origins As Non-Secure flag in chrome://flags (which I added quite a while
ago).

We'll announce something when we're ready, though.

Received on Thursday, 28 January 2016 21:42:13 UTC