On 14-02-2020 13:28, Dimitry Sibiryakov wrote:
14.02.2020 13:25, Mark Rotteveel wrote:
In any case, it has been fixed. As far as I understand, the certbot
didn't restart the site after renewing the certificate causing it to
continue to use the old certificate.
What on this site requires encryption is still an open question.
It protects against man-in-the-middle tampering (like access providers
injecting ads) (and other benefits, see
https://snyk.io/blog/10-reasons-to-use-https/), and because of those
benefits, search engines gives pages with HTTPS a higher score.
Contrary to your opinion, HTTPS by default is the new normal, and HTTP
(or only HTTP) is the oddity.
Mark
PS: It is high time that the tracker also gets HTTPS, but given the
ancient version of Jira it's using, I'm not sure if that is an option.
--
Mark Rotteveel
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
