[HTTPS-Everywhere] HTTPS Everywhere is unscalable (uses central database)
Phil Vandry
vandry at TZoNE.ORG
Fri Apr 29 14:46:25 PDT 2011
On 2011-04-29 12:27, Eitan Adler wrote:
> If it is for your own website just set up the redirection yourself via
> your web server (and enable STS so that there is no fallback). There
Hi Eitan,
I didn't know about STS, so thanks for bringing it to my attention.
STS is, of course, a partial answer to my question. The reason that it's
partial is that there is still a window where users may use HTTP: on
initial contact and on first contact after expiration of the STS
information.
-Phil
More information about the HTTPS-everywhere
mailing list