Viewing a single comment thread. View all comments

8

md_ wrote

Thanks. Let's see

The web is an open platform, not a corporate platform.

Sure. But encouraging HTTPS is not going against openness, nor it is an example of Google's corporate dominance on the web (real examples exist, this is not one of them)

Also, if Google succeeds, it will make a lot of the web's history inaccessible.

That's an outright lie.

People put stuff on the web precisely so it would be preserved over time.

The web doesn't have this magical property, people have to go and make backups to keep things online. Linkrot exists, and it is unrelated to HTTPS.

The web is a social agreement not to break things. It's served us for 25 years.

Actually, that's unfortunately not the case. The internet was broken already. Not by HTTPS though. It was broken by the rise of the "web application", the proliferation of single-page JS applications, of EME, of closed/proprietary protocols, and of our tendency to prefer the easiness of centralised webservers.

I don't want to give it up because a bunch of nerds at Google think they know best.

I don't know what's the problem with nerds, but Google employees didn't invent HTTPS or were the first to realise how important it is. If anyone made HTTPS their priority, is EFF and Mozilla.

Keeping the web running simple is as important as net neutrality.

In this whole section, other than simply saying "HTTP is simple, HTTPS is complicated" as an axiom, no argument was presented to justify this.

They believe they have the power

They do have power, and they do abuse it often. Discouraging HTTP is not an example of abuse.

Many of the sites they will label as "not secure" don't ask the user for any information.

HTTPS is not just for privacy, it is also for integrity. Non-encrypted transport is open to manipulation.

Also, sometimes the privacy concerns do not arise from people eavesdropping on the information you submit, but also from thirdparties knowing what exactly you are reading.

but fail to mention that they can do it in the browser, even if you use a "secure" protocol

This statement is "a sleight of hand". It's a misdirection and it's not an argument against HTTPS.

Of course the browser controls website rendering. And that's a reason why people should not use Chrome. But the disprivileging of HTTP-only sites on Chrome is not related, and on its own it's positive.

yet still have valuable ideas and must be preserved.

Websites will not die because of HTTP being discouraged. Websites die for other reasons.

It's like a massive book burning, at a much bigger scale than ever done before.

Wow. The argumentation gets poorer and poorer as this goes on. That's an outright lie again.

Why force people to do it? This suggests that the main benefit is for Google, not for people who own the content.

Wow again.

If it were such a pressing problem we'd do it because we want to, not because we're being forced to.

Are you sure we want to apply that argument to other issues on the web then?

Because this argument will come in favour of web centralisation, in favour of Google, Facebook, Microsoft, Apple, Amazon etc. People like them, therefore they must be good.

For me, the amount of work is prohibitive, even with Let's Encrypt, which people have told me about a huge number of times.

Honestly, just start with that, because the other excuses of an argument are doing you a disservice.

You didn't future proof your work, and you don't want to go back and retrofix everything. That's OK. Your stuff will not go away. People will discouraged of visiting them, and that's also OK.

I don't think anyone has the right to change the web so they no longer work.

Discouraging HTTP is not changing the web. It means that Chrome will have saner default settings. Mozilla should have done this first, imo.

1

ziq wrote

why are you addressing me like it's my article? I didn't write it.

3

md_ wrote

I'm not addressing you, I'm replying to what I am reading.

1

ziq wrote

Ah.

3

md_ wrote

It's something I often do when replying below quotes, it's a reflex to reply in the second person. I see how it's confusing, I'll try to preface it as "replying to the author" next time.