undefined | Better HN

0 pointsquadrifoliate5y ago0 comments

> but let's stick to what's actually happening with SXG

No, Signed HTTP exchanges are something that Google dreamed up so people don't have to see their hegemony over the modern web (or as the article you linked calls it, a shakedown). It's not a browser standard so far, because of Apple and Mozilla's resistance.

There are legitimate ways for NYTimes to allow Google to serve content on behalf of them, like so many other CDNs around the world (it usually involves the CDN generating the certificate for your site as well). Why should people create new standards for HTTPS and URLs simply for Google's benefit?

I don't deny that there's a way to make "nytimes.com" work where everything is served by "google.com". What I'm questioning is why we need a completely new web standard for doing so that affects the URL, something that has been standard for decades.

0 comments

esrauch5y ago

> Why should people create new standards for HTTPS and URLs simply for Google's benefit?

Because of the exact reasons that people are complaining about in this very thread: they want NYT to control the content and display the domain name appropriately, but they want to serve it from Google servers and allow for eager prefetching without leaking private details.

Today it would be easily possible if NYT just gave Google their private cert, but then Google would be able to serve any content they want as NYT. With the proposed solution they can display the content NYT wants without being able to serve arbitrary other content.

j / k navigate · click thread line to collapse

0 pointsquadrifoliate5y ago0 comments

> but let's stick to what's actually happening with SXG

0 comments

esrauch5y ago

> Why should people create new standards for HTTPS and URLs simply for Google's benefit?

j / k navigate · click thread line to collapse