On Thu, Apr 30, 2015 at 9:50 PM, <imfasterthanneutr...@gmail.com> wrote:
> > 1.Setting a date after which all new features will be available only to > secure websites > > I propose the date to be one year after Let's Encrypt is launched, which > is about mid-2016. > I was hoping for something a little sooner, given that we're talking about *future* stuff. But I'm open to discuss. > By the way, I hope Mozilla's own official website (Mozilla.org) should > move to HTTPS-only as soon as possible. Currently www.mozilla.org forces > HTTPS, but many mozilla.org subdomains do not, such as > http://people.mozilla.org/, http://release.mozilla.org/, and > http://website-archive.mozilla.org. It will be great if *.Mozilla.org can > be added to browsers' built-in HSTS list. > 100% agree. There's already a bunch of Mozilla domains on the HSTS preload list, but they should all be there. --Richard _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
