You must have missed my original email:
>I understand that there are proposed solutions to these problems but
>they don't exist today and won't be ubiquitous for a while.
Let's let these solutions prove themselves out first.
There are no free wildcard cert vendors and, at least in my experience,
what you do get is a heavy upsell and/or slow delivery of certificates.
If this is your standard for good-enough I'm really fearful for the
future of the web.
It's paramount that the web remain a frictionless place where creating a
website is dead simple. This is infinitely more important than making
people feel safe knowing that http doesn't exist any more. My fear is
that the pendulum has swung away from this (previously self-evident)
position and the people running the web today have other priorities.
On Fri, May 1, 2015, at 01:03 PM, Adam Roach wrote:
> On 5/1/15 05:03, Matthew Phillips
wrote:
>> All mandatory https will do is discourage people from
>> participating in
speech unless they can afford the very high costs (both in dollars and
in time) that you are now suggesting be required.
>
>
Let's be clear about the costs and effort involved.
>
>
There are already several deployed CAs that issue certs for free.
And within a couple of months, it will take users two simple
commands, zero fiscal cost, and several tens of seconds to obtain
and activate a cert:
>
> https://letsencrypt.org/howitworks/
>
>
There is great opportunity for you to update your knowledge about
how the the world of CAs has changed in the past decade. Seize it.
>
> --
> Adam Roach Principal Platform Engineer a...@mozilla.com +1 650 903
> 0800 x863
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
