On Fri, Sep 26, 2014 at 11:06 PM, Richard Barnes <rbar...@mozilla.com> wrote: > It is not our job to break the HTTP-schemed web to force everyone to HTTPS.
It is for features where it matters for end users. > Users and web sites have been using geolocation on unauthenticated origins > for several years now without major implications. Citation needed. > It's no more dangerous than me typing my address into a form. Those forms should also be behind TLS. But obviously forcing that is far less practical than taking steps with geolocation. -- https://annevankesteren.nl/ _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
