| > do you implement the feature that 10-100 users use Try 10-500 million, perhaps a billion. Most medium-to-large corporations have an Enterprise PKI issuing internal-use certificates. > do you spend time improving things for the other billion users? Here's the thing: Google's users and Microsoft's users are much the same people, in roughly the same total numbers. But Google would much rather have those people be only Google's users, and not Microsoft's users any longer. Why implement a feature that helps "the competition"? Why implement a client feature that your company's server products don't need or use? Why bother with the private enterprise when your company only sells stuff via the public cloud? Why bother with security at all if the attacks don't affect you directly? These are very important question to think about, because the answers say something critical about the future of not just "The Web", but computing in general. Google has decided they won't bother any longer. They now control a sufficient fraction of the HTML client market to force changes onto the market unilaterally, even if it that actively harms the security of their competitors. As long as Google's needs are met, the job is done. Microsoft customers' needs are no longer relevant... |