- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Thu, 19 Jul 2012 20:01:35 +0000
- To: Willy Tarreau <w@1wt.eu>
- cc: Mike Belshe <mike@belshe.com>, httpbis mailing list <ietf-http-wg@w3.org>
In message <20120719184924.GM16208@1wt.eu>, Willy Tarreau writes: >As usual, Adam gave a nice description there, and I'm sure many of us are >aware of the issues he describes. I'm among those who consider that having >only some pages of a site secured is dangerous. Either the site is clear or >it's not. What about sites that are HTTP until you log in, then switch to HTTPS ? That's a perfectly fair & sensible way to avoid spending resources on non-paying visitors. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Thursday, 19 July 2012 20:02:02 UTC