- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 10 Nov 2013 10:53:00 +0100
- To: Yoav Nir <ynir@checkpoint.com>, HTTP Working Group <ietf-http-wg@w3.org>
- CC: Peter Lepeska <bizzbyster@gmail.com>, Tim Bray <tbray@textuality.com>, Mark Nottingham <mnot@mnot.net>
On 2013-11-10 05:11, Yoav Nir wrote: > I'm stumped about #3 myself. > > The literal interpretation is that you follow (or type in) an http:// > link, get a response, and in the response learn that this is also > available with SSL. So the client attempts to upgrade to SSL, and > receives a valid certificate. So, yay! > > But in that case, why is the http:// link out there at all, and if > anybody types it in, why not immediately redirect to https:// as pretty > much all sites using SSL do? Redirecting means changing the URI (bookmarks etc), and also implies running the service both on port 80 and 443. > ... Best regards, Julian
Received on Sunday, 10 November 2013 09:53:26 UTC