W3C home > Mailing lists > Public > www-tag@w3.org > December 2014

Re: Draft finding - "Transitioning the Web to HTTPS"

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Tue, 09 Dec 2014 22:23:21 +0100
To: Mark Nottingham <mnot@mnot.net>
Cc: Noah Mendelsohn <nrm@arcanedomain.com>, "www-tag@w3.org List" <www-tag@w3.org>
Message-ID: <eome8ahnpi4a2pt9k9vjdmg5hd3khvmb3e@hive.bjoern.hoehrmann.de>
* Mark Nottingham wrote:
>When I talk to browser folks about this, they say that you can still 
>install a CA to observe traffic, or look at the console / dev tools, 
>etc. I think that's a reasonable answer, but one that needs better tools 
>available to foster this kind of research.

It is actually quite common that you cannot install certificates and do
not have debugging tools available, or would not be able to rely on them
because their use is detectable. Considering that heteronomous computing
is being made a fundamental part of the Web, it seems very unlikely that
the TAG would agree that users have a right to know what their computers
do and what data they send and receive.
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
D-10243 Berlin · PGP Pub. KeyID: 0xA4357E78 · http://www.bjoernsworld.de
 Available for hire in Berlin (early 2015)  · http://www.websitedev.de/ 
Received on Tuesday, 9 December 2014 21:24:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:08 UTC