Vincent Lefevre wrote in <20250818160239.gm607...@qaa.vinc17.org>: |On 2025-08-18 14:45:51 +0000, Emery Hemingway wrote: |> If you want https then there should be a browser option or plugin |> to always try https before http. | |That's still insecure: someone who controls the network can block |https connections to some site, then redirect the http fallback to |another site.
That is then why Android Chrome screams loud about insecurity if you do not publish those special DNS entries, even if HTTPS would be doable. (I had a run on that on some IETF list because the behaviour pisses me off, firefox simply does HTTPS, they could scream when that is not doable maybe, you know.) Having said that, emails is worse, and getting more so. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
