Why does FreeBSD insist on https?
David Benfell
benfell at parts-unknown.org
Sat Apr 4 01:22:09 UTC 2015
Quoting jd1008 <jd1008 at gmail.com>:
> On 04/03/2015 02:28 AM, Mel Pilgrim wrote:
>> On 2015-04-03 00:32, Nino J wrote:
>>> Just bear in mind that the OP mentioned redirect to https. That means that
>>> the initial request to the exact URL (i.e. before being redirected and
>>> switching to https) is visible.
>>
>> Which is why we have HSTS. Packaged HSTS lists prevent the browser
>> from ever sending an uncrypted URL.
>>
>> ________
> Unfortunately, too many web sites do not have HSTS installed in the
> http server.
> I have seen it in many web sites.
I've been using Qualys SSL Check to catch details like this. The word
probably *does* need to be put out better that you have not properly
configured a web site unless you've visited a site like this and
checked.
--
David Benfell <benfell at parts-unknown.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: PGP Digital Signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20150403/eeb4817d/attachment.sig>
More information about the freebsd-questions
mailing list