>>> [...] webservers that refuse to serve anything over HTTP except a >>> redirect to HTTPS. >> They are just following an industry trend orchestrated by Google. >> [...] >> It's difficult to get a good explanation for the policy, [...] > The reason that https is being mandated is so that everyone has > protection from the NSA and other governments and companies
_That_ protection was blown when the first wildcard cert was issued - or, if you think of it another way, when support for wildcard certs was implemented. (I'm not convinced the publicly available crypto is secure against letter agencies even when used securely, for that matter, but that's a separate question, and the above stands even if it is secure.) > manipulating connections, blocking connections that are deemed > "unwanted / illegal / etc.", and spying on user agents. That's all very well, and I'm glad it's available. My beef is with webservers imposing it on clients, rather than letting clients choose. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Lynx-dev mailing list Lynx-dev@nongnu.org https://lists.nongnu.org/mailman/listinfo/lynx-dev