Re: [dev] suckless.org TLS / HTTPS support

From: Janne Heß <jannehess_AT_gmail.com>
Date: Fri, 1 Sep 2017 17:05:36 +0200

If you set the HSTS header for HTTPS connections, people will
automtically redirected to HTTPS if they visited once.
This would give an improved security because browsers would
automatically redirect to HTTPS while you could still telnet/curl it
without having to use HTTPS.

On 09/01/2017 04:52 PM, Anselm R Garbe wrote:
> On 1 September 2017 at 10:15, ilf <ilf_AT_zeromail.org> wrote:
>> No, I am serious. Users, who think HTTPS sucks, shouldn't use HTTP
euther,
>> because that sucks, too. The choice shouldn't be HTTPS or HTTP, but
HTTPS or
>> Gopher. But please let HTTP die.
>
> Gopher is long dead, only some retro-enthusiasts are running gopher
> servers these days. I'm not against setting up gopher as an option,
> but not for the price to disable HTTP GET (which is all that we need
> after switching to git: and ssh: for code access).
>
>> In the current setup, users who type the domain suckless.org into
their URL
>> get HTTP cleartext. I think these users should get HTTPS.
>
> Why? If I connect to suckless.org 80 with telnet and type GET /
> HTTP/1.0 I want to see plain text.
>
>> And what about old external links to the site, they are currently
100% HTTP,
>> too. Without a redirect, HTTP will continue ti be used by many users
>> although many would rathet use HTTPs - or don't care.
>
> I explained this already. If I see a http link I expect an http link.
> External links will migrate to HTTPS slowly.
>
> -Anselm
>



Received on Fri Sep 01 2017 - 17:05:36 CEST

This archive was generated by hypermail 2.3.0 : Fri Sep 01 2017 - 17:12:42 CEST