Why does FreeBSD insist on https?

Valeri Galtsev galtsev at kicp.uchicago.edu
Thu Apr 2 21:30:21 UTC 2015 

On Thu, April 2, 2015 4:06 pm, Charles Swiger wrote:
> On Apr 2, 2015, at 1:26 PM, Dieter BSD <dieterbsd at gmail.com> wrote:
>> Why do so many FreeBSD URLs redirect from http to https?
>> What is this intended to accomplish?
>
> Security?  Confidentiality?  Strong(er) assurance of content integrity?
>
> There are an increasing # of transparent proxies which rewrite
> content, inject ads, even inject malware for HTTP which are foiled
> by switching to HTTPS + HSTS (HTTP Strict Transport Security).
>
>> This is user-hostile.  Some browsers cannot do https, and there are
>> good reasons (unrelated to http vs https) to use these browsers.
>
> Any browser which does not support HTTPS is either obsolete or simply
> missing critical functionality.  Your bank, online stores, utilities,
> almost any site with a login are all going to require HTTPS.
>
> However, if you prefer to interact with the web by having a script which
> performs wget and emails you back the results, go right ahead.  :-)

Or maybe that was just an innocent looking attempt to request change that
will make FreeBSD site vulnerable as well - from those who exploit these.
After all gmail is pretty faceless e-mail address...

Just a wild guess ;-)

Valeri

>
>> There are also good reasons to prefer http over https even with a
>> browser
>> that can do https.  Https is useful when needed, but it isn't needed
>> here.
>>
>> Can someone *please* fix this?
>
> You should expect that as time passes, more and more sites will either
> switch
> to HTTPS only and/or will switch to HTTP/2 which encourages browsers to
> try and
> connect via HTTPS even for http URLs.
>
> Regards,
> --
> -Chuck
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

More information about the freebsd-questions mailing list