From owner-freebsd-questions@FreeBSD.ORG Fri Apr 3 21:47:35 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EAB5F40F for ; Fri, 3 Apr 2015 21:47:35 +0000 (UTC) Received: from mail-qc0-x236.google.com (mail-qc0-x236.google.com [IPv6:2607:f8b0:400d:c01::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9BD8F827 for ; Fri, 3 Apr 2015 21:47:35 +0000 (UTC) Received: by qcay5 with SMTP id y5so96419893qca.1 for ; Fri, 03 Apr 2015 14:47:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=xCA/Jgj9ft56G+7NN1klnWGnyK8O8ho5xdUEvyQzpgw=; b=ft1EnN6XMc86wKSM4ZfbfI7K2iC+3qdyyhMnfdwOwv1fOkiNAdIK78ZVV5lHopnvrR aGaQIWsVXvWsDWP05n8nT8m9KKEF3/Ec5XtaDDbwvuuLup5mtcloggndJba4bzkDtelv k8Lnni//Q3GgUzvnzXW/C4hr5F72XHFgexCgQn7ld03eX9e3gV6rcCz/0iUzt85NBgUC iZEXeGkgmfY/YGr2TwnXFRUyS9N2nErQyxKUqPjAosG+dZIAsBXKv7u3UTsbdh4726Vk PJB5P2+60YqOJpyGYhCnwy2/EYMn6rC9XHlbXEOLRNQul/DZ/4vSOm0ueUz0xhOSck4Y MgHg== X-Received: by 10.140.49.9 with SMTP id p9mr4771108qga.51.1428097654779; Fri, 03 Apr 2015 14:47:34 -0700 (PDT) Received: from localhost.localdomain ([209.181.150.218]) by mx.google.com with ESMTPSA id m202sm6465652qhb.30.2015.04.03.14.47.33 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Apr 2015 14:47:33 -0700 (PDT) Message-ID: <551F0A74.5000709@gmail.com> Date: Fri, 03 Apr 2015 15:47:32 -0600 From: jd1008 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Why does FreeBSD insist on https? References: <551DA84D.8030205@gmail.com> <20150402222539.37e330f8@gumby.homeunix.com> <551DC4F7.5090005@gmail.com> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Apr 2015 21:47:36 -0000 On 04/03/2015 01:32 AM, Nino J wrote: > On Fri, Apr 3, 2015 at 12:38 AM, jd1008 wrote: > >> On 04/02/2015 03:25 PM, RW wrote: >> >>> On Thu, 02 Apr 2015 14:36:29 -0600 >>> jd1008 wrote: >>> >>>> https prevents intermediate hop points (such as your isp) >>>> from looking at the page content, or at the terms of your >>>> search. But that does not prevent them from seeing the url. >>>> >>> Actually it does. The url is sent inside the encryption. >>> >> That is good to know. I had thought otherwise. > > Just bear in mind that the OP mentioned redirect to https. That means that > the initial request to the exact URL (i.e. before being redirected and > switching to https) is visible. > That happens to me by virtue of the fact that I have installed a plugin for FF which tests to see if the URL supports https, if not, then it defaults to http.