W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Rough minutes

From: Julian Reschke <julian.reschke@gmx.de>
Date: Sun, 10 Nov 2013 10:53:00 +0100
Message-ID: <527F577C.20106@gmx.de>
To: Yoav Nir <ynir@checkpoint.com>, HTTP Working Group <ietf-http-wg@w3.org>
CC: Peter Lepeska <bizzbyster@gmail.com>, Tim Bray <tbray@textuality.com>, Mark Nottingham <mnot@mnot.net>
On 2013-11-10 05:11, Yoav Nir wrote:
> I'm stumped about #3 myself.
>
> The literal interpretation is that you follow (or type in) an http://
> link, get a response, and in the response learn that this is also
> available with SSL. So the client attempts to upgrade to SSL, and
> receives a valid certificate. So, yay!
>
> But in that case, why is the http:// link out there at all, and if
> anybody types it in, why not immediately redirect to https:// as pretty
> much all sites using SSL do?

Redirecting means changing the URI (bookmarks etc), and also implies 
running the service both on port 80 and 443.

> ...

Best regards, Julian
Received on Sunday, 10 November 2013 09:53:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC