Re: Draft finding - "Transitioning the Web to HTTPS"

On Tue, Dec 9, 2014 at 1:23 PM, Bjoern Hoehrmann <derhoermi@gmx.net> wrote:

> It is actually quite common that you cannot install certificates and do

I'm interested in this. When does that happen? I would really like for
the owner of a device to be able to control the device's trust anchor
store.

> not have debugging tools available, or would not be able to rely on them

Hopefully, the lack of debugging tools is a bug to be fixed. For
example, even on mobile devices you can tether to get a full-sized
developer console:

https://developer.chrome.com/devtools/docs/remote-debugging

> because their use is detectable.

Detectable by whom...? I generally know when I am using the developer console.

> Considering that heteronomous computing
> is being made a fundamental part of the Web, it seems very unlikely that
> the TAG would agree that users have a right to know what their computers
> do and what data they send and receive.

Users *absolutely do* have a right to know what their computers do,
and what data they send and receive. Reminder:

http://www.w3.org/TR/html-design-principles/#priority-of-constituencies

We create software and services to serve people, first and foremost.

Received on Tuesday, 9 December 2014 21:42:58 UTC