I’m astounded to see people still arguing “my site doesn’t need HTTPS” so I’ll put it simply: either spend a few mins putting it on your site now or continually explaining to your visitors why your site is not “not secure” until you end up doing it anyway. It’s not a negotiation.
Agreed, but it shows that there are irresponsible CAs revoking certs & that it's a real-world risk. I don't see this as an argument against https/dropping-plain-http, but it's a problem that needs to be solved.
-
-
Need for cert adds an additional layer (on top of domain registrar, dns, hosting) where the powerful can exercise influence to get a site taken offline.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.