- From: Markus Schütz <mschuetz@potree.org>
- Date: Wed, 13 Jul 2016 09:33:00 -0700
- To: public-webvr@w3.org
Hi, I'd like to object to these plans. My focus is on 3D graphics and content. I'm not a web admin and I don't intend to become one. As of now, adding https is far from trivial and I also do not have the resources to do so. Not everyone is blessed with a fully customizable host and the know-how to do so. I have a simple dump-your-files host with php support. That's it. No way to install a certificate there. I'm also objecting to making WebVR (and fullscreen at that) https only because I'm not convinced that it will provide security. It's supossedly getting easy for everyone to get a certificate for free. What's to stop malicious parties from obtaining one? They will have access to all those "secure" features and users are fooled into trusting them even though the only thing that's secure is the transmission, not the content provider. That's my understanding of it, anyway. Please let me know if that is not the case. This restriction feels like a slap into the face of small developers that lack money/time/resources/know-how to install certificates only for a false sense of security. Thanks, Markus
Received on Friday, 22 July 2016 20:38:37 UTC