On Tuesday, April 14, 2015 at 3:05:09 AM UTC-5, Anne van Kesteren wrote: > This definitely needs more research > but shouldn't preclude rolling out HTTPS on public resources.
The proposal as presented is not limited to public resources. The W3C Privileged Context draft which it references exempts only localhost and file:/// resources, not resources on private networks. There are hundreds of millions of home routers and similar devices with web UIs on private networks, and no clear path under this proposal to keep them fully accessible (without arbitrary feature limitations) except to set up your own local CA, which is excessively burdensome. Eli Naeher _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
