Comment by pocksuppet
14 hours ago
Probably the most common reason to use TLS is to check a box on a list of compliance rules. Is that bad?
14 hours ago
Probably the most common reason to use TLS is to check a box on a list of compliance rules. Is that bad?
Do browsers even load non-HTTPS sites anymore without a massive warning?
neverssl.com works fine for me, only a small warning in the place where the padlock usually is, that no-one checks anyway.
The browser would be very unhappy with an <input type="password"/> on a non-TLS site (localhost excepted). HSTS would trigger the "massive" warning and refuse to load the site, however.
It's more pronounced on desktop
Ah yes I think the HSTS issue is what I was thinking of
Yes, they do.
Yeah just ignore the big "not secure" warning in the URL bar
2 replies →
browsers pushed it, not compliance