[HTTPS-Everywhere] Always redirect to https when TLSA records exist?
Paul Wise
pabs3 at bonedaddy.net
Fri Sep 12 18:12:52 PDT 2014
On Fri, 2014-09-12 at 09:39 +0000, Matthias Wimmer wrote:
> Especially it does not indicate, that every resource available on a
> given HTTP URI is also available on the corresponding HTTPS URI.
>
> E.g. a shop may use a TLSA record for the X.509 certificate of its
> secure webserver, but may only use https addresses for the payment
> processing. It may not allow browsing the web shop using https.
The automatic whitelisting on https > http redirects should fix that.
--
bye,
pabs
http://bonedaddy.net/pabs3/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20140913/09fbb77a/attachment.sig>
More information about the HTTPS-Everywhere
mailing list