- From: Chris Palmer <palmer@google.com>
- Date: Mon, 22 Dec 2014 11:34:42 -0800
- To: Melvin Carvalho <melvincarvalho@gmail.com>
- Cc: Daniel Appelquist <appelquist@gmail.com>, TAG List <www-tag@w3.org>, Ian Jacobs <ij@w3.org>
On Sun, Dec 21, 2014 at 9:24 AM, Melvin Carvalho <melvincarvalho@gmail.com> wrote: > "The annual median per capita [yearly] income in India stood at $616, the > 99th position among 131 countries." [1] (Gallup Dec 2013) > > So what's the cost of a wildcard SSL certificate (someone quoted $100 in a > previous)? Is it affordable? People at that income level need clean water and food, not X.509 certificates. > The finding says that HTTPS will only be needed for new features. So, are > we moving to a two tier web, where some features are for everyone and and > some are for others? As has been shown multiple times, there are ways for people to serve HTTPS for 0 additional dollars. We need to avoid a 2-tier web: 1 tier containing the billions of users who don't understand that getUserMedia is broadcasting streams from their mic and camera over the internet in the clear, and a 2nd tier containing the few experts who do understand. We need a 1-tier web: safe for everyone by default, and easy for users to use. The 1-tier web may come at a small price: the relatively small # of site operators — experts by definition — may have to learn how to use SSLmate or Let's Encrypt or the like.
Received on Monday, 22 December 2014 19:35:12 UTC