I use the althttpd web server [0] that doesn't itself provide HTTPS functionality but instead requires you to bolt it on using something like stunnel [1]. I've researched this topic previously and still haven't bothered to implement HTTPS for myself. I don't have any good reasons other than I just think it's not necessary for my silly little websites and I'm reflexively opposed to it just because it's being pushed so much. Sort of like a motorcycle helmet, it may be risky not to wear one, but please leave it up to me.
Just the other day I was reading a post [2] on not using HTTPS and then this thread started so I thought I'd provide the link. Spoiler alert: he decided to provide an HTTPS option using a self-signed cert and no redirect. [0] https://sqlite.org/althttpd/doc/trunk/althttpd.md [1] https://www.stunnel.org/ [2] http://misc-stuff.terraaeon.com/articles/not-https.html _______________________________________________ Hpr mailing list Hpr@hackerpublicradio.org http://hackerpublicradio.org/mailman/listinfo/hpr_hackerpublicradio.org
