On Fri, 2014-09-12 at 18:17 -0700, Seth David Schoen wrote: > Matthias Wimmer writes: > > > Especially it does not indicate, that every resource available on a > > given HTTP URI is also available on the corresponding HTTPS URI. > > That possibility is a reason not to create redirections automatically, > since historically we've had a number of examples of sites where the > content on the HTTPS site was entirely different from the content on > the HTTP site.
I don't have any data but I would hazard a guess that sites with DNSSEC and TLSA setup are serious enough about security to not be that broken. -- bye, pabs http://bonedaddy.net/pabs3/
signature.asc
Description: This is a digitally signed message part
_______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
