Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Boris Zbarsky
On 10/24/16 6:29 PM, Adam Roach wrote: and -- as bz points out -- we don't want to throw an exception here for spec compliance purposes. Actually, what I wanted to say is that if we think all browsers should implement some behavior here then we should get the spec changed to say so.

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Richard Barnes
On Mon, Oct 24, 2016 at 6:29 PM, Adam Roach wrote: > I'm hearing general agreement that we think turning this off is the right > thing to do; that maintaining compatibility with Chrome's behavior is > important (since that's what existing code will presumably be tested >

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Adam Roach
I'm hearing general agreement that we think turning this off is the right thing to do; that maintaining compatibility with Chrome's behavior is important (since that's what existing code will presumably be tested against); and -- as bz points out -- we don't want to throw an exception here for

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Ehsan Akhgari
On 2016-10-24 4:14 AM, Gervase Markham wrote: > On 22/10/16 18:12, Ehsan Akhgari wrote: >> Have we considered doing something here to help the user when we block >> this API? For example, we could check to see whether the site has a TLS >> version > > If there were a reliable way to do this,

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread Peter Dolanjski
While this doesn't definitively answer your question, it may provide some insight: We ran a survey of Chrome XP users (N=819) after Chrome's end of life message was shown in the product (English only). The results showed: - About half the sample plan to continue using Chrome on XP without

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread Eric Rescorla
This seems to assume facts not in evidence, namely that people will stop using those machines rather than just living with whatever the last version we updated them to. Do we have any data that shows that that's true? -Ekr On Mon, Oct 24, 2016 at 1:12 AM, Gervase Markham

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread yuhongbao_386
On Monday, October 24, 2016 at 3:35:20 AM UTC-7, keithga...@gmail.com wrote: > On Monday, October 24, 2016 at 3:12:31 AM UTC-5, Gervase Markham wrote: > > On 22/10/16 10:16, keithgallis...@gmail.com wrote: > > > My concern is that by killing digital certificate updates and TLS > > > updates, still

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Gervase Markham
On 22/10/16 18:12, Ehsan Akhgari wrote: > Have we considered doing something here to help the user when we block > this API? For example, we could check to see whether the site has a TLS > version If there were a reliable way to do this, HTTPS Everywhere would be a whole lot easier to write and

[Firefox Desktop] Issues found: October 17th to October 21st

2016-10-24 Thread Andrei Vaida
Hi everyone, Here's the list of new issues found and filed by the Desktop Release QA Team last week, *October 17**- October 21* (week 42). Additional details on the team's priorities last week, as well as the plans for the current week are available at:

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread keithgallistel
On Monday, October 24, 2016 at 3:12:31 AM UTC-5, Gervase Markham wrote: > On 22/10/16 10:16, keithgallis...@gmail.com wrote: > > My concern is that by killing digital certificate updates and TLS > > updates, still in use machines whose main purpose is Internet access > > are essentially bricked. >

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread keithgallistel
On Saturday, October 22, 2016 at 4:27:32 AM UTC-5, Martin Thomson wrote: > Yep, I just designated a relatives machine to recycling on that basis. > I could have updated the OS, but they had other better options, so > we're reclaiming the space. I know that neither option is that > pleasant, but

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Kan-Ru Chen
On Sat, Oct 22, 2016, at 09:38 PM, Richard Barnes wrote: > On Fri, Oct 21, 2016 at 5:56 PM, Ehsan Akhgari > wrote: > > Since the proposal in the bug is adding [SecureContext] to > > Navigator.geolocation, have we also collected telemetry around which > > properties and

Re: Intent to restrict to secure contexts: navigator.geolocation

2016-10-24 Thread Gervase Markham
On 22/10/16 18:12, Ehsan Akhgari wrote: > Have we considered doing something here to help the user when we block > this API? For example, we could check to see whether the site has a TLS > version If there were a reliable way to do this, HTTPS Everywhere would be a whole lot easier to write and

Re: Windows XP and Vista Long Term Support Plan

2016-10-24 Thread Gervase Markham
On 22/10/16 10:16, keithgallis...@gmail.com wrote: > My concern is that by killing digital certificate updates and TLS > updates, still in use machines whose main purpose is Internet access > are essentially bricked. This is a feature, not a bug. If those machines shouldn't be on the Internet,