On 21/11/14 14:05, Ted Lemon wrote: > On Nov 21, 2014, at 1:00 AM, Michael Richardson <[email protected]> wrote: >> Nobody said that unauthenticated TLS should show a "lock" > > Unfortunately I think more people notice "https://"; than the lock.
The relevant proposal here is the httpbis WG draft. [1] I'm not sure when a -01 will pop out, but there have been some comments on this (incl. from me:-) on the WG list, so best to check there in case you're repeating stuff that's already planned to change. That is based on use of HTTP URIs and also not indicating that TLS is in use via any lock icons or similar. Seems like a fine idea to me fwiw, though somewhat controversial amongst some browser folks still. S. [1] https://tools.ietf.org/html/draft-ietf-httpbis-http2-encryption _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
