[llvm-dev] [SERVER UPDATE] Moving clang, clang-analyzer, libcxxabi, libcxx ... websites to new server
Joerg Sonnenberger via llvm-dev
llvm-dev at lists.llvm.org
Sun Jan 15 14:30:44 PST 2017
On Sun, Jan 15, 2017 at 04:25:16PM -0500, James Knight wrote:
> On Jan 15, 2017, at 9:19 AM, Joerg Sonnenberger via llvm-dev <llvm-dev at lists.llvm.org> wrote:
> > On Fri, Jan 13, 2017 at 04:07:48PM -0500, James Y Knight via llvm-dev wrote:
> >> But beyond that: there's no downside. Why should *anyone* continue to serve
> >> http traffic? It's just all around better and safer to require https, for
> >> everything, always.
> > I take you haven't tried to use WiFi at UK airports or coaches recently?
> > There are a lot of other places with completely broken "transparent"
> > proxies and forcing HTTPS (especially in combination with HTST) makes
> > the network unusable.
> No, I haven't had the pleasure recently, so I'm not aware of what you're talking about.
You said there is no downside. I've demonstrated a situation people can
face right now where it can make a website unusable. Don't handwave away
the cost of forcing HTTPS, it adds overhead for all involved parties.
Don't get me wrong, I'm all for properly supporting HTTPS everywhere,
but it is not without downsides.
More information about the llvm-dev