Date when HTTP traffic will be marked as insecure?

66 views
Skip to first unread message

Max Faxälv

unread,
Aug 15, 2016, 6:17:23 AM8/15/16
to Chromium-discuss
The Chrome Development team have already put forward a proposal but there doesn't seem to be a date decided.


Is there any information on when a date will be set or ther updates regarding this topic?

Kind Regards,
Max

Ramesh Srigiriraju

unread,
Aug 17, 2016, 5:52:37 AM8/17/16
to maxf...@gmail.com, Chromium-discuss
Max,

I don't have any updates on this proposal, but it raises some interesting questions.  Why are they just focusing on HTTP?
If Chrome supports other application-layer protocols, it would have to use a TCP/IP stack, which provides no inherent security.
Do they plan to warn users about that?

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.

PhistucK

unread,
Aug 17, 2016, 8:46:35 AM8/17/16
to Ramesh Srigiriraju, maxf...@gmail.com, Chromium-discuss
Other than FTP, what other application layer protocols are supported by Chrome?


PhistucK

Max Faxälv

unread,
Aug 17, 2016, 9:54:48 AM8/17/16
to Chromium-discuss, maxf...@gmail.com
My personal guess on why is because the average user uses only HTTP. It is also the average user who hasn't been properly informed HTTP is heavily insecure and most commonly exploited. I'd say taking into consideration the popularity of HTTP today this is a high-priority topic of discussion.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discu...@chromium.org.

Eric Lawrence

unread,
Aug 19, 2016, 10:56:41 AM8/19/16
to Chromium-discuss
No further announcement on this topic has been made, but a blog post with updates is being drafted.

Max Faxälv

unread,
Aug 19, 2016, 2:36:41 PM8/19/16
to Chromium-discuss
Hello Eric,

OK, thank you for the information.
Eagerly looking forward to read it. :)

Have a nice day!
Max

Kien Nguyen

unread,
Dec 6, 2016, 6:44:28 AM12/6/16
to Chromium-discuss, maxf...@gmail.com
Hello guys,

Is there any news about the exact release date of this?

PhistucK

unread,
Dec 6, 2016, 6:48:52 AM12/6/16
to solidf...@gmail.com, Chromium-discuss, Max Faxälv
Nope. The changes was not announced.
They announced marking HTTP as insecure only when you fill sensitive forms.
https://blog.chromium.org/2016/09/moving-towards-more-secure-web.html
There is no exact release date (there is an estimation for the beginning of the distribution) and the release will be gradual, as always.


PhistucK

--
--
Chromium Discussion mailing list: chromium...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-discuss

---
You received this message because you are subscribed to the Google Groups "Chromium-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-discuss+unsubscribe@chromium.org.

Reply all
Reply to author
Forward
0 new messages