On 4/6/22 08:27, Paul Koning via cctalk wrote:
That's a classic example of a rule invented by people who can't think. In
fact, HTTP is perfectly fine for sites that arenot conducting web-based
business activity. Blogs are a good example, and I know at least one that runs
HTTP for the simple reason that nothing else is needed. Bitsavers is another
example; nothing would be gained by adding all the overhead inflicted by HTTPS.
Yes, REALLY! For anything that serves up static pages,
there's no need for the security layer, unless the user is
worried that somebody would snoop on the browsing history.
Jon
