On 10/25/2016 6:26 AM, Ehsan Akhgari wrote:
> FWIW, and to the extent that my opinion matters on the topic, I strongly
> disagree that breaking the websites that people use silently is the
> right thing to do.
>
> Let's ignore the HTTPS Everywhere part of the thread, and instead pay
> more attention to what our users will see after we roll this out.  It's
> easy to ignore this when looking at the ratio of granted non-secure
> geolocation prompts per all page loads, but we _are_ talking about
> breaking a fifth of geolocations on the web for our users.

I strongly agree with Ehsan that breaking a fifth of geolocation requests is a bad user experience.

What is the threat model for geolocation over HTTP? That a coffee shop, ISP, or Big Brother will MITM a non-secure site so as to sniff a user's location? To reduce location leaks without breaking non-secure geolocation, perhaps we could always require door hanger permission for geolocation requests on HTTP sites?

chris
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform