On 1/10/22 07:02, Jaroslaw Rafa wrote: > Dnia 10.01.2022 o godz. 09:35:49 Joachim Lindenberg pisze: >> Are you also not using a trusted certificate or even no certificate for >> your public web site? > > Did you notice the recent thread on this list about http://www.postfix.org > website (NOT https) where Viktor and others explained why there is no need > for the site to use HTTPS, as all the content is public and no private data > is processed by the site?
TLS not only provides confidentiality, it also provides integrity — and integrity *does* matter. Furthermore, both Google and Mozilla have declared insecure HTTP to be deprecated. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
