Re: Proposal: Marking HTTP As Non-Secure from jirkadanek7@gmail.com on 2016-01-28 (public-webappsec@w3.org from January 2016)

From: <jirkadanek7@gmail.com>
Date: Thu, 28 Jan 2016 08:46:44 -0800 (PST)
To: blink-dev <blink-dev@chromium.org>
Cc: public-webappsec@w3.org, security-dev@chromium.org, dev-security@lists.mozilla.org, cliodice@mindspark.com
Message-Id: <99053e1a-5c9a-4b90-ab1b-e59f6b22fdbe@chromium.org>

>
> On Monday, January 25, 2016 at 8:44:35 PM UTC+1, clio...@mindspark.com 
> wrote:

Hi all, what is the status of this proposal? It calls out for a deployment 
plan in 2015, but that did not materialize. What is the latest? Thanks!

Regarding Chromium:

"""On Tuesday, during a presentation at the Usenix Enigma security 
conference in San Francisco, Google pushed the proposal out in the open 
with much more fanfare, and gave a sneak peek of how it’s going to look. 
(You can see the little red “x” on the padlock in the URL bar.)"""

-- https://motherboard.vice.com/read/google-will-soon-shame-all-websites-that-are-unencrypted-chrome-https

Then there is this bug tracking the implementation 
https://code.google.com/p/chromium/issues/detail?id=578317

Received on Friday, 29 January 2016 08:58:14 UTC