On Thu, Oct 16, 2014 at 4:28 PM, Eduardo' Vela"
wrote:
> Well, it doesn't today. But maybe you mean in the future.
>
You're right, sorry. I was thinking of blob-based workers. Maybe we should
do the same for frames?
> But the point is that there are many ways to exfiltrate, these are just
> t
I would be happy to be proven wrong, but it's unlikely the amount of effort
this will incur will be worth the small number of sites that will use it
(large sites probably won't, and small sites, as usual, won't even know
about it's existence). In addition, it's going to be such a fragile
security c
Roger Hågensen writes:
> Also http logins with plaintext transmission of passwords/passphrases
> need to go away, and is a pet peeve of mine, I detest Basic
> HTTP-Authentication which is plaintext.
Note that Basic Auth + HTTPS provides reliable transport security.
> Hashing the password (or