Giancarlo Razzolini <grazzol...@gmail.com> wrote: > It is really nice to finally see TLS on openbsd.org. How about redirecting > http to https?
I dislike the idea. An http->https redirect does not prevent a MITM by itself. It also prevents the easy use of caching or proper proxies with the site. Purely informative sites are ok without https for the most part. If the user feels that TLS is somehow required, he can enable it by different means. http->https redirection does not add much in terms of security unless the user takes additional steps, but if the user is going to take additional steps he does not really require the redirection. -- OpenPGP Key Fingerprint: BB5A C2A2 2CAD ACB7 D50D C081 1DB9 6FC4 5AB7 92FA
