Whilst that might seem like a fair argument, what would happen if I man in the middled your request for the http page? I could easily change the links to point to my malicious site, and with certificates being so easy to get, it would be relatively easy to make it look authentic as far as the "you end up on a secure page" argument goes and, given the quality of some spearphishing, the appearance of the page as well. Of course, none of that would be possible if all of the pages were TLS encrypted. Tom
- Re: OpenBSD Foundation on HTTPS Hess THR
- Re: OpenBSD Foundation on HTTPS Ian Sutton
- Re: OpenBSD Foundation on HTTPS Hess THR
- Re: OpenBSD Foundation on HTTPS Charlie Eddy
- Re: OpenBSD Foundation on HTTPS Daniel Ouellet
- Re: OpenBSD Foundation on HTT... Denis Fondras
- Re: OpenBSD Foundation on HTT... Charlie Eddy
- Re: OpenBSD Foundation on HTT... Jeroen
- Re: OpenBSD Foundation on HTT... Stuart Henderson
- Re: OpenBSD Foundation on HTT... Charlie Eddy
- Re: OpenBSD Foundation on HTT... Tom Atkinson
- Re: OpenBSD Foundation on HTTPS Jonathan Thornburg
- Re: OpenBSD Foundation on HTTPS Jeroen
- Re: OpenBSD Foundation on HTTPS Charlie Eddy
- Re: OpenBSD Foundation on HTTPS Hess THR
- Re: OpenBSD Foundation on HTTPS Kevin Chadwick
- Re: OpenBSD Foundation on HTTPS Kevin Chadwick
