Mozilla this week decreed that future web-facing of must meet an under-development standard that requires all browser-to-server-and-back traffic be encrypted.

“Effective immediately, all new features that are web-exposed are to be restricted to secure contexts,” wrote Mozilla engineer Anne van Kesteren in a post to a company blog. “A feature can be anything from an extension of an existing IDL-defined , a new CSS property, a new HTTP response header, to bigger features such as WebVR.”

Secure contexts, dubbed a “minimum security level,” is a pending standard of the W3 (World Wide Web Consortium), the primary standards body for the web. Secure contexts’ main purpose, according to its documentation: “Application code with access to sensitive or private be delivered confidentially over authenticated channels that guarantee integrity.”

To read this article in full, please click here



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here