Mozilla's plan to focus its development efforts on the secure web has two main parts.
The first is that after a date that has yet to be determined, new features in programs such as Firefox will only works with secure sites.
The second is arguably more aggressive, in that it calls for the gradual removal of access to browser features by non-secure sites, "especially features that pose risks to users’ security and privacy," Firefox security lead Richard Barnes wrote in the Mozilla Security Blog.
While some features may be completely disabled for non-secure sites, others may be permitted but only with certain limitations. Barnes suggested this could be similar to the way Firefox already allows only temporary access to the camera and microphone by such sites.
Existing sites will continue to work without modification for months or years, according to Mozilla.
"Since the goal of this effort is to send a message to the web developer community that they need to be secure, our work here will be most effective if coordinated across the web community," Barnes wrote.
"We expect to be making some proposals to the W3C WebAppSec Working Group soon."
The organisation as also moved to allay fears about the cost of using HTTPS. Free SSL certificates are available, and modern hardware can encrypt the traffic with a very modest performance hit.
A particular problem lies in the use of HTTP by the web servers embedded in devices such as printers and routers, as in general they are not designed to have their own certificates. Mozilla believes this situation can be improved.