On Sat, Sep 27, 2014 at 10:10 PM, Richard Barnes <rbar...@mozilla.com> wrote: > Are you making an argument more subtle than "everything should be HTTPS, so > we should make HTTP less functional"?
I'm not sure where you see me making that argument in this thread. I simply recommended we move to require TLS for privacy-sensitive APIs. And it still seems within the realm of possibility to do that for geolocation and getUserMedia(). > I don't disagree that things should be HTTPS, but breaking the HTTP-schemed > web is not the way to get there. That's like Verizon trying to get people to > use their favorite video streaming site by slowing down all the others. No, it's not at all like that. It's about tightening the requirements for getting access to privacy-sensitive user data. All this is saying is that if you want this user data, you need to deploy TLS on your site. And that can be done for free although it is unfortunately still a bit of a hassle. But guides have been created, communities have collected pointers, and gradually it will spread through conferences how to get this done. -- https://annevankesteren.nl/ _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
