Linked by Thom Holwerda on Tue 27th Sep 2011 19:45 UTC, submitted by lemur2
Mozilla & Gecko clones Mozilla has released Firefox 7. Unlike releases of Firefox 5 and Firefox 6 which were relatively minor upgrades to the browser, Firefox 7 includes a number of significant improvements, most important of which is probably the drastically reduced memory usage.
Thread beginning with comment 490986
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: http:// is gone
by Drumhellar on Wed 28th Sep 2011 06:43 UTC in reply to "http:// is gone"
Drumhellar
Member since:
2005-07-12

http:// being gone is really no big deal. Many people don't know what it means, it it cleans up the interface for them.

Also. https://, ftp://, and whatever else still show.

Reply Parent Score: 2

RE[2]: http:// is gone
by Lennie on Wed 28th Sep 2011 11:53 in reply to "RE: http:// is gone"
Lennie Member since:
2007-09-22

If it wasn't for all the CA and SSL/TLS protocol problems I would say: everything should be on https://

Reply Parent Score: 2

RE[3]: http:// is gone
by Alfman on Wed 28th Sep 2011 21:36 in reply to "RE[2]: http:// is gone"
Alfman Member since:
2011-01-28

Lennie,


"If it wasn't for all the CA and SSL/TLS protocol problems I would say: everything should be on https://"

Yea, the web should probably default to a low grade encryption, which is extremely fast but deters casual snooping, censorship firewalls, and Phorm-like ISP monitoring.


However, there is one major technical obstacle with SSL that would make this impossible today. HTTPS is not compatible with shared hosting. There are proposed solutions, but they are hacks which leak information and are not supported by today's browsers.


Standard SSL is IP/port based and is not aware of the underlying HTTP protocol, which leads to a chicken/egg problem. HTTPS needs to transfer the certificate before knowing which which domain the client is trying to reach. Therefor, as is, all HTTPS websites would need dedicated IP addresses.

This is a stupid limitation, however I suspect it's due to the fact that SSL was invented a year or so before HTTP/1.1, and all websites needed a dedicated IP address anyways.


The internet is shrouded in legacy designs which dictate how things must be engineered today to work around them. I do wonder if we'll ever get the opportunity to make a clean break?

Reply Parent Score: 2