W3C home > Mailing lists > Public > www-tag@w3.org > December 2014

Re: Preparing to Publish HTTPS Finding

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Fri, 19 Dec 2014 12:12:51 +0100
Message-ID: <CAKaEYhLFDDXYnvYZz=NK-c8AXLpv70+vR825GFA+Z-OLVg243g@mail.gmail.com>
To: Daniel Appelquist <appelquist@gmail.com>
Cc: TAG List <www-tag@w3.org>, Ian Jacobs <ij@w3.org>
On 19 December 2014 at 11:28, Daniel Appelquist <appelquist@gmail.com>
> As discussed on yesterday’s call, we have come to consensus to publish
> Mark’s draft[1] as a TAG finding, pending feedback on this mailing list (or
> via the Github issues tracker[2]), but before the end of the year. For all,
> but especially for those TAG members who were not on yesterday’s call, if
> you have any objections to this or would like to register further feedback,
> this is your chance.


I welcome a more secure web.

However the cost of a wildcard HTTPS certificate is still prohibitive, if
you consider the budget of world population, or the long tail of
development, both of which tend to be under represented in TAG discussions.

I would welcome publication if consensus was reached that such a switch was
affordable, but I am unsure I've seen that bit covered yet, other that
discussion of the CPU overhead.

Perhaps next year, systems such as lets encrypt [1] will solve that issue.
Since TLS/SSL is a tactical solution to tackle security, why not back
similar tactics to make it affordable?

[1] https://letsencrypt.org/

> Thanks,
> Dan Appelquist
> TAG Co-Chair
> 1. https://w3ctag.github.io/web-https/
> 2. https://github.com/w3ctag/web-https/issues
Received on Friday, 19 December 2014 11:13:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:08 UTC