On Sep 11, 2014, at 9:08 AM, Anne van Kesteren <ann...@annevk.nl> wrote:
> On Thu, Sep 11, 2014 at 5:56 PM, Richard Barnes <rbar...@mozilla.com> wrote: >> Most notably, even over non-secure origins, application-layer encryption can >> provide resistance to passive adversaries. > > See https://twitter.com/sleevi_/status/509723775349182464 for a long > thread on Google's security people not being particularly convinced by > that line of reasoning. Reasonable people often disagree in their cost/benefit evaluations. As Adam explains much more eloquently, the Google security team has had an "all-or-nothing" attitude on security in several contexts. For example, in the context of HTTP/2, Mozilla and others have been working to make it possible to send http-schemed requests over TLS, because we think it will result in more of the web getting some protection. Google have been less sanguine about this idea, because they worry that some sites will opt for a lower security level instead of full-on HTTPS. So allowing WebCrypto for non-secure origins is consistent with the "something is better than nothing" approach we've taken in other places, and Chrome's prohibition is consistent with their approach. As Adam points out, in the post-Snowden world, there are a lot more people who are willing to accept lots of things getting OK protection, vs. fewer things getting high-grade protection. --Richard _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
