On Tue, 10 May 2016, Giancarlo Razzolini <grazzol...@gmail.com> wrote:
> Until every UA is changed to first try TLS and *only then* fall back
> to clear text http, this kind of measure has its uses.

This is of limited usefulness.

All you need to do (as a MITM) is to block the connection on port 443;
the client will now automagically fall back to using 80 and plain text...
It's even easier than filtering out STARTTLS for SMTP. Go google some
on why opportunistic encryption is a bad idea.

K.
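
An added example, not part of the original message: one way to spot the fallback described above from the defender's side is to look for a cleartext port-80 connection that follows a failed port-443 attempt between the same client and server. The flow-record layout, the outcome labels and the name `find_fallbacks` are assumptions made for this sketch, and the sample records are constructed.

```python
from collections import namedtuple

# Constructed sample flow records (assumed format, not from the thread):
# timestamp in seconds, client IP, server IP, destination port, outcome.
Flow = namedtuple("Flow", "ts client server port outcome")

SAMPLE_FLOWS = [
    Flow(100.0, "10.0.0.5", "192.0.2.10", 443, "established"),
    Flow(200.0, "10.0.0.7", "192.0.2.10", 443, "reset"),
    Flow(200.4, "10.0.0.7", "192.0.2.10", 80, "established"),
    Flow(300.0, "10.0.0.9", "192.0.2.20", 443, "timeout"),
    Flow(400.0, "10.0.0.9", "192.0.2.20", 80, "established"),
    Flow(500.0, "10.0.0.5", "192.0.2.30", 80, "established"),
]

# Outcomes that count as a failed TLS connection attempt (assumed labels).
FAILED = {"reset", "timeout", "refused"}


def find_fallbacks(flows, window=5.0):
    """Return (client, server, delay) for every established port-80 flow
    that follows a failed port-443 attempt by the same client to the same
    server within `window` seconds."""
    last_failed = {}  # (client, server) -> time of the latest failed 443 attempt
    hits = []
    for f in sorted(flows, key=lambda f: f.ts):
        key = (f.client, f.server)
        if f.port == 443:
            if f.outcome in FAILED:
                last_failed[key] = f.ts
            else:
                # TLS connected, so an earlier failure is no longer relevant.
                last_failed.pop(key, None)
        elif f.port == 80 and f.outcome == "established":
            failed_at = last_failed.pop(key, None)
            if failed_at is not None and f.ts - failed_at <= window:
                hits.append((f.client, f.server, round(f.ts - failed_at, 3)))
    return hits


if __name__ == "__main__":
    for client, server, delay in find_fallbacks(SAMPLE_FLOWS):
        print(f"{client} fell back to cleartext with {server} after {delay}s")
```

A hit only says that a client gave up on 443 and continued in the clear; an outage or a firewall rule produces the same pattern, so each hit is a lead to investigate rather than proof of interception.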
