alt Hacker NewsI would have thought this would have originally been driven by wanting to prevent a browser mixed content warning given that something like 15% of Netflix viewing happens in browsers (and the browser warnings switched to blocking in 2020 [Chromium] and 2024 [WebKit/Gecko]).
@drewg123 starts discussing this section at 4:21 in the presentation: https://www.youtube.com/watch?v=WzfADu1qyAM&t=261 ("we had this mandate that we had to start encrypting communications between our servers and our clients")
Netflix announced the change in 2016, citing viewer privacy from eavesdropping: https://netflixtechblog.com/protecting-netflix-viewing-priva...
However, I wonder if the mandate was led by Apple. It looks like it was 2015 (at iOS 9.0 / macOS 10.11) that Apple began requiring that network connections made by apps use TLS. While exceptions are allowed, they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin...
Browser behavior like mixed content warnings (and a clear slide towards discouraging all non-HTTPS traffic) was the impetus for us at Twitch to TLS all our video in the mid-2010s. Mixed content delivery on a website would, I think, also fall below the bar for doing certain kinds of commerce, and ejecting people from your webapp to a separate payment flow discourages spending.