On the release page, we can see
Now, only some functions require secure context. I understand there will be some functions also requiring secure context in the future.
But can we update the document to indicate that those functions need secure context to work instead of announcing directly that secure context is a must for VNC?
I do know that maybe there are 98% of public VNC websites using secure context. However many intranet websites are not using secure context which may never need. Are we going to drop the support for them also?