Message-ID: <551F3EAA.5050406@gmail.com>
Date: Fri, 03 Apr 2015 19:30:18 -0600
From: jd1008
To: freebsd-questions@freebsd.org
Subject: Re: Why does FreeBSD insist on https?

On 04/03/2015 07:22 PM, David Benfell wrote:
> Quoting jd1008:
>
>> On 04/03/2015 02:28 AM, Mel Pilgrim wrote:
>>> On 2015-04-03 00:32, Nino J wrote:
>>>> Just bear in mind that the OP mentioned redirect to https. That
>>>> means that the initial request to the exact URL (i.e. before being
>>>> redirected and switching to https) is visible.
>>>
>>> Which is why we have HSTS. Packaged HSTS lists prevent the browser
>>> from ever sending an uncrypted URL.
>>
>> Unfortunately, too many web sites do not have HSTS installed in the
>> http server.
>> I have seen it in many web sites.
>
> I've been using Qualys SSL Check to catch details like this. The word
> probably *does* need to be put out better that you have not properly
> configured a web site unless you've visited a site like this and checked.

Huh???
Did you omit some words from your sentence?? :) :)
Honestly, I do not quite get the gist of your post.
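
Added example, not part of the original thread and not any poster's code: a small offline check of the HSTS points raised above, classifying a response by whether its `Strict-Transport-Security` header is absent, ignored, valid only after the first visit, or meets the preload-list criteria. The function names and the sample responses are constructed for illustration; the one-year threshold is the hstspreload.org submission rule as assumed here.

```python
import re
# Assumption: hstspreload.org wants max-age >= 1 year plus includeSubDomains and preload.
PRELOAD_MIN_AGE = 31536000

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1)."""
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()      # directive names are case-insensitive
        if not name:
            continue
        if name in directives:
            return None                  # each directive may appear only once
        directives[name] = arg.strip().strip('"')
    if not re.fullmatch(r"\d+", directives.get("max-age", "")):
        return None                      # max-age is mandatory and numeric
    return {"max_age": int(directives["max-age"]),
            "include_subdomains": "includesubdomains" in directives,
            "preload": "preload" in directives}

def assess(scheme, headers):
    """Classify one response; scheme is how the response was fetched."""
    raw = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security")
    if raw is None:
        return "no-hsts"
    if scheme != "https":
        return "ignored-over-http"       # browsers discard HSTS sent over plain HTTP
    policy = parse_hsts(raw)
    if policy is None:
        return "invalid"
    if policy["max_age"] == 0:
        return "hsts-disabled"           # max-age=0 tells the browser to forget the host
    if policy["max_age"] >= PRELOAD_MIN_AGE and policy["include_subdomains"] and policy["preload"]:
        return "preload-eligible"        # meets the assumed preload-list criteria
    return "hsts-first-visit-exposed"    # protects repeat visits, not the first one

# Constructed sample responses (not captured from any real site).
SAMPLES = [
    ("http",  {"Location": "https://www.example.org/", "Strict-Transport-Security": "max-age=31536000"}),
    ("https", {"Content-Type": "text/html"}),
    ("https", {"Strict-Transport-Security": "max-age=300"}),
    ("https", {"strict-transport-security": 'max-age="63072000"; includeSubDomains; preload'}),
    ("https", {"Strict-Transport-Security": "includeSubDomains"}),
]

if __name__ == "__main__":
    for scheme, headers in SAMPLES:
        print(scheme, assess(scheme, headers))
```

The first sample is the redirect case from the thread: the header arrives on the plain-HTTP response, so a browser ignores it and the initial URL has already been sent in the clear.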