Date: Fri, 03 Apr 2015 18:22:07 -0700 From: David Benfell <benfell@parts-unknown.org> To: freebsd-questions@freebsd.org Subject: Re: Why does FreeBSD insist on https? Message-ID: <20150403182207.Horde.4tWAInV2MEGqMujCj2DYHw8@mail.parts-unknown.org> In-Reply-To: <551F0BC9.1050405@gmail.com> References: <CAA3ZYrD_2AaDfW3oJ-NFt333DrjOwgBR-8bbqH0eVZGL6Y_5WQ@mail.gmail.com> <551DA84D.8030205@gmail.com> <20150402222539.37e330f8@gumby.homeunix.com> <551DC4F7.5090005@gmail.com> <CALf6cgYFZBwy=SOcaayuP90jjGdvZt2aghYeCX0iTweceXXrEA@mail.gmail.com> <551E4F43.1060109@bluerosetech.com> <551F0BC9.1050405@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format and has been PGP signed. --=_cgGFZjL3kRlnMRU_RSdQ5A1 Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quoting jd1008 <jd1008@gmail.com>: > On 04/03/2015 02:28 AM, Mel Pilgrim wrote: >> On 2015-04-03 00:32, Nino J wrote: >>> Just bear in mind that the OP mentioned redirect to https. That means t= hat >>> the initial request to the exact URL (i.e. before being redirected and >>> switching to https) is visible. >> >> Which is why we have HSTS. Packaged HSTS lists prevent the browser=20= =20 >>=20from ever sending an uncrypted URL. >> >> ________ > Unfortunately, too many web sites do not have HSTS installed in the=20=20 >=20http server. > I have seen it in many web sites. I've been using Qualys SSL Check to catch details like this. The word=20=20 probably=20*does* need to be put out better that you have not properly=20= =20 configured=20a web site unless you've visited a site like this and=20=20 checked. --=20 David Benfell <benfell@parts-unknown.org> --=_cgGFZjL3kRlnMRU_RSdQ5A1 Content-Type: application/pgp-signature Content-Description: PGP Digital Signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJVHzy/AAoJEBV64x4SNmAr6/UP/2XDccPaApI4yA+DNsgAa3MK zbpgk2w/5e4vLNgV2qMRvzgyF3zGx41WVVZERHv/ZaVfphJ/qP+QuIZZrx0SiepV V8ZFqtHZB+lRV2RMs3A6qrI9CAd+rfA8G4pk6W9eFJkZDU/8tLjuK6t96NAqxXI7 YZe7jqi7EqTFHRJdgZxlFEHsEDhLaIAWnASMmOqDHpcBb4o0A3bhPLvh8VMZEG2g E9LQN0qTZ0THhiNCLM3fgJkHDnN+nfWbapWA5gg7IHes/bTXsHJMxbbSH3cUA3w5 cqZ2lmuzsqUhABYnCso0z6VOpO/nVDjRI1BbxkJUP5C+ODnsZ/5wV4EMPJpYfxlK GALx6r2rwsl/MSzXMrk86H/dq13RydDU3eHIJHHvLlWs5eQffN04TL4ERx4Xc0Fb C9WvxjWnavZfZkSdfY53myuovwaVVO8oUQuP0/qaA3Hk29M89rcz+hoZW8NLy124 6kYyhalB9QuhUlLlAbvJLAmqDP+O0vIurcU9yXpoUBaOUbXMR/BxV4tJxAPEcBi9 w4iiT7SmPn91DtzHSV1uXhlW0/Pdi4bSlESzoq16OcVhG2Gvhm3aDHPeoAQXC1mH B7mqwbLHNcjdqsDGn2i5rfk01MI5ewaPdnsecP745r5zyYIcxnnkXrzmQ1e986Qg ZE4rribjJk8uP1RmgkrA =YEz6 -----END PGP SIGNATURE----- --=_cgGFZjL3kRlnMRU_RSdQ5A1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150403182207.Horde.4tWAInV2MEGqMujCj2DYHw8>