Mandatory HTTPS!

what
does
it
matter
david

Actually new Firefox, and soon if not already Chrome and then inevitably other browsers now show a big “THIS CONNECTION IS UNTRUSTED” warning on http. :slight_smile: That was actually one of the many reasons to do this.

[quote=“Moparisthebest, post:23, topic:553635”][quote author=Davidi2 link=topic=672553.msg4497973#msg4497973 date=1446082021]
As far as I can tell, there aren’t any downsides, and it’s a good fallback if for some reason we have a cert problem and everyone wont be able to view the site because “THIS CONNECTION IS UNTRUSTED”
[/quote]

Actually new Firefox, and soon if not already Chrome and then inevitably other browsers now show a big “THIS CONNECTION IS UNTRUSTED” warning on http. :slight_smile: That was actually one of the many reasons to do this.[/quote]Do you have a source for that? I believe that is incorrect. AFAIK that warning shows when you attempt to use https and the site has an invalid cert. I use the latest firefox and never get that warning on http.


I’ve always found it a bit bizare that browsers have been letting people browse unencrypted websites with no warning for all these years, but as soon as a website that actually uses encryption presents a bad cert you get a massive fuck off warning about it.

maybe microsoft were way ahead of their time when they had this shit in 1920 or whenever it was:

Ok so yeah, it’s not on firefox yet.

oh maybe we should have just waited then, fuck security anyway amirite guys

or maybe you should stop being a sarcastic asshole. i was just factchecking the incorrect statement

It should also be noted that google search engine algorithms rank mandatory https higher.

I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn’t really something I’d fancy.

Security over performance, in my case I’d prefer performance.

[quote=“my-swagger, post:30, topic:553635”]I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn’t really something I’d fancy.

Security over performance, in my case I’d prefer performance.[/quote]What area are you in, just out of curiosity

[quote=“Davidi2, post:31, topic:553635”][quote author=my-swagger link=topic=672553.msg4498118#msg4498118 date=1446312167]
I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn’t really something I’d fancy.

Security over performance, in my case I’d prefer performance.
[/quote]What area are you in, just out of curiosity[/quote]
Kent, UK

[quote=“my-swagger, post:30, topic:553635”]I like being able to cache my webpages. My internet is slow as it is especially in my area, having to always load the page isn’t really something I’d fancy.

Security over performance, in my case I’d prefer performance.[/quote]Is that because you’re trying to cache with a proxy? I used to do this on my old network since it was slow as balls.

It is definitely possible to have a proxy server cache https - I did it for a few selected domains (google, youtube, wikipedia). If you wanted to support every website you’d have to setup your own CA on the server, trust it from each machine, and have the server dynamically issue certs for each website you visit. Sounds like a pain in the ass but if you genuinely need a proxy cache that’s your only option, since that’s the way the internet is moving.

I’m not using a proxy, haven’t thought about it really. I wouldn’t really want to use it though;.

[quote=“my-swagger, post:34, topic:553635”]I’m not using a proxy, haven’t thought about it really. I wouldn’t really want to use it though;.[/quote]So your browser doesn’t cache content served over https? That doesn’t sound right at all.

[quote=“Justin Bieber, post:35, topic:553635”][quote author=my-swagger link=topic=672553.msg4498152#msg4498152 date=1446376666]
I’m not using a proxy, haven’t thought about it really. I wouldn’t really want to use it though;.
[/quote]So your browser doesn’t cache content served over https? That doesn’t sound right at all.[/quote]
HTTPS does not cache content at all

[quote=“my-swagger, post:36, topic:553635”][quote author=Justin Bieber link=topic=672553.msg4498154#msg4498154 date=1446385563]

HTTPS does not cache content at all[/quote]HTTPS handles caching in the exact same way as HTTP. If your browser isn’t caching secure pages then this is because it is choosing not to do so. Either change the setting, upgrade, or switch to a better browser.

It may also be the case that certain websites (possibly this one??) are not sending the correct cache control headers over https due to misconfiguration. Again, webmasters problem that needs to be raised with them.

[quote=“Justin Bieber, post:37, topic:553635”][quote author=my-swagger link=topic=672553.msg4498156#msg4498156 date=1446392414]

[quote author=Justin Bieber link=topic=672553.msg4498154#msg4498154 date=1446385563]

HTTPS does not cache content at all
[/quote]HTTPS handles caching in the exact same way as HTTP. If your browser isn’t caching secure pages then this is because it is choosing not to do so. Either change the setting, upgrade, or switch to a better browser.

It may also be the case that certain websites (possibly this one??) are not sending the correct cache control headers over https due to misconfiguration. Again, webmasters problem that needs to be raised with them.[/quote]
There can be many problems with doing that. I use IE and I don’t think it has any support for cache preventing headers anyway (may be wrong). As the end user, I don’t want to do any config to view the site comfortably. Sorry.

No need to apologise, if you want to use old broken tech then the onus is on you when shit goes wrong.

Regardless, IE does cache HTTPS by default provided the server sends the correct headers. If it doesn’t, then report it to mitb and I’m sure he’ll fix it. If it doesn’t work even with the correct headers then report it to microsoft because this is a bug. Your responsibility as an end user doesn’t include having to mess around with technical config but all you’re doing is old man grumbling if you don’t report faults.

Your problem is that you’re still using IE.