Re: Scope of Dev-Security List

2013-10-08 Thread Daniel Veditz
On 10/5/2013 4:00 PM, farr...@furcadia.com wrote: > Well, I was very disappointed not to find any discussion here of the > issues and challenges that W3C's decision on DRM for HTML5 would > bring for security. > > I sort of expected people to be all over that here, when I saw the > group name. Th

Re: Security error when trying to set a non SSL/TLS Websocket from a https page

2013-10-08 Thread Aymeric Vitte
The fact of having SSL/TLS inside ws is of course OK for me, that's what I am doing too, but let's say I am against it (which is not the case) I would argue that the issue remains the same: why should it be allowed to work with "insecure" certificates while SSL/TLS on top of ws don't allow it,