You can now access https://clojure.org, thanks for the push.
On Thursday, January 14, 2016 at 2:25:42 PM UTC-6, Alex Miller wrote: > > Noted, I will bump it up the priority list. > > On Thursday, January 14, 2016 at 1:49:55 PM UTC-6, Laurens Van Houtven > wrote: >> >> Hi, >> >> On Jan 14, 2016, at 12:34 PM, Alex Miller <a...@puredanger.com> wrote: >> >> The clojure.org has never, and does not now, support https. It is an >> entirely static site, so it is not high on my priority list to work on. >> >> >> Sure; but it does respond to HTTPS requests with a bogus cert, instead of >> simply not supporting HTTPS at all. >> >> Since it’s HTTP, an attacker on a local network can fairly trivially (by >> which I mean: using off the shelf tools) make that “download Clojure” link >> point to whatever they want, which is my main concern. >> >> I don’t know if this is an option for you, but CloudFlare will give you a >> fairly hassle-free (and money-free) TLS termination option. >> >> >> lvh >> >> -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.