Collin J. Doering <> writes:

> Not sure where the best place to report this, however today I noticed
> that, and do not
> redirect http to https, though its also served over https.

I'm unsure if this is intentional, or something to change.

There are security advantages to forcing all users to use HTTPS, with
the disadvantage that some of those users might not want to use
HTTPS. I'm not sure whether the need for security on those domains is
high enough to justify not supporting plain HTTP...

Attachment: signature.asc
Description: PGP signature

Reply via email to