> We believe that security includes confidentiality, which that would approach > would lack.
Hey Joel, SSL already leaks which domain name you are visiting anyway, so the most confidentiality this can bring you is hiding the specific URL involved in a cache miss. That's a fairly narrow upgrade to confidentiality. A scenario where it would matter: a MITM wishes to block viewing of a specific video on a video hosting site, but is unwilling to block the whole site. In such cases you would indeed want full SSL, assuming the host can afford it. A scenario where it would not matter: some country wishes to fire a Great Cannon. There integrity is enough. I think the case for requiring integrity for all connections is strong: malware injection is simply not on. The case for confidentiality of user data and cookies is equally clear. The case for confidentiality of cache misses of static assets is a bit less clear: sites that host a lot of very different content like YouTube might care and a site where all the content is the same (e.g. a porn site) might feel the difference between a URL and a domain name is so tiny that it's irrelevant - they'd rather have the performance improvements from caching proxies. Sites that have a lot of users in developing countries might also feel differently to Google engineers with workstations hard-wired into the internet backbone ;) Anyway, just my 2c. _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
