On 9/19/2014 18:58, Peter Gutmann wrote: > grarpamp <[email protected]> forwarded: > >> My favorite: The NSA's web site *redirects HTTPS to HTTP*. Some kind of >> back-handed acknowledgement of what they do? > > My guess is that it's politically-motivated, if you're the NSA would you want > to buy your certs from a commercial CA, and if you're a commercial CA would > you want to be known as the supplier of trusted certs to the NSA? > > Peter. >
When I go to www.nsa.gov, I do not get a redirect to HTTP. HTTPS with a cert provided by GeoTrust is what I get. -- staticsafe https://staticsafe.ca
