SoylentNews is people
SoylentNews
from the it's-the-end-of-the-web-as-we-know-it-and-i-feel-fine dept.
Phoronix reports the Mozilla Security Engineering team is planning to make their browser useless for browsing much of the World Wide Web, by deprecating insecure HTTP.
Richard Barnes of Mozilla writes:
In order to encourage web developers to move from HTTP to HTTPS, I would like to propose establishing a deprecation plan for HTTP without security. Broadly speaking, this plan would entail limiting new features to secure contexts, followed by gradually removing legacy features from insecure contexts. Having an overall program for HTTP deprecation makes a clear statement to the web community that the time for plaintext is over -- it tells the world that the new web uses HTTPS, so if you want to use new things, you need to provide security.
See also this document outlining the initial plans.
(Score: 0) by Anonymous Coward on Wednesday April 15 2015, @12:25PM
I thought http was just a transmission protocol. I would have thought most web browser features were coded independently of the transfer protocol, so I'm wondering what features important to a website that is not interested in encrypting its traffic would be tied to the transfer protocol. Unless Mozilla is actually planning to implement an artificial block on new features for http, rather just not coding them for http as the summary implies.
(Score: 2) by lentilla on Wednesday April 15 2015, @09:11PM
I'd assume it would be implemented with an "artificial block" as you suggested, something along the following lines: