My concern with https being forced on sites is that older sites that support older browsers will go away entirely.
@davewiner has some well founded concerns too.
-
-
-
Who’s forcing it? And just how old are you talking about browser wise?
-
Google is somewhat forcing it. http://scripting.com/2018/07/13/125133.html … Any old browser but let’s especially consider the browsers on things like embedded systems, Mac OS 9, older versions of Android.
-
Ah, that piece has been thoroughly debunked, it’s really rather odd: https://scotthelme.co.uk/https-anti-vaxxers/ … And sure, if you go back far enough you’ll find browsers that won’t work, but let’s be honest about the numbers, >70% of web requests are HTTPS already
-
Oh I’m not talking about browsing the modern web with those sites. But for example, the perennial Space Jam website is now forcing HTTPS, blocking access to older browsers. I’ll check out the piece you linked now.
-
Right, but what I mean is that the only people who can’t browse that site also can’t browse a significant portion of the web already, and that proportion is increasingly *very* rapidly
-
An analogy: a lot of people with VCRs can’t buy very many new releases but we shouldn’t tell producers of Blu-Ray movies to break all the VCRs in the world if they want to keep releasing discs.
-
IRL analogies usually fall short of online reality: https://www.troyhunt.com/irl-analogies-to-explain-digital-concepts-are-terrible/ … If anyone is using online banking, social media, email or even just reading the news, they’re using a browser that supports HTTPS. More sites using HTTPS won’t change that.
- 4টি আরও উত্তর
নতুন কথা-বার্তা -
-
-
I appreciate your stance here, but I don't think that jab, however little, against Dave in that article is necessary. Dave isn't arguing against security, he's arguing against a megacorp imposing rules on the whole web by function of their control over a browser platform.
-
He’s arguing a bunch of stuff that just doesn’t add up, read
@Scott_Helme’s piece:https://scotthelme.co.uk/https-anti-vaxxers/ … -
Sure, site a post that starts by insulting dave and his concerns and difficulty converting to https. It's not like dave said https is bad.
-
Which was the bit you disagreed with?
-
your comments regarding Dave's concerns not adding up or you siting a blog post that that insinuates those that disagree are crazy and uneducated?
-
Only those that reject the science are! I’m sure even his most ardent supporters can see there’s a lot that just doesn’t add up in those arguments.
কথা-বার্তা শেষ
নতুন কথা-বার্তা -
-
-
The problem I have with HTTPS is there's no way of verifying it's a secure connection end to end all the browser knows is it has a secure connection to the frontend For instance I could have a HTTPS connection to
@Cloudflare but is their connection to the origin also HTTPS -
And that would be a *massive* step forward from no HTTPS:https://www.troyhunt.com/cloudflare-ssl-and-unhealthy-security-absolutism/ …
-
Thats a good write up, and you are right. What I'm worried about is people assuming padlock = secure site which isn't always the case
-
There’s certainly an expectation management issue there, but th padlock will be disappearing altogether in the future so that’ll solve that problem
কথা-বার্তা শেষ
নতুন কথা-বার্তা -
-
লোড হতে বেশ কিছুক্ষণ সময় নিচ্ছে।
টুইটার তার ক্ষমতার বাইরে চলে গেছে বা কোনো সাময়িক সমস্যার সম্মুখীন হয়েছে আবার চেষ্টা করুন বা আরও তথ্যের জন্য টুইটারের স্থিতি দেখুন।