No HTTPS on by default

Valentin V. Bartenev vbart at
Mon Aug 22 10:31:30 UTC 2016

On Sunday 21 August 2016 15:56:09 B.R. wrote:
> It is surprising, since I remember Ilya Grigorik made a talk about TLS
> during the first ever nginx conf in 2014:

It's just Ilya's opinion.  You are free to agree or not.

> Thus, there is no reason for not going full-HTTPS in delivering Web pages.

There are at least two reasons to not use HTTPS:

 1. Provide easy access to information for people, who can't use encryption
    by political, legal, or technical reasons.

 2. Don't waste resources on encryption, and thus save our planet.

Please, don't be a TLS despot and let people to have a choice to use encryption
or not.

I think the situation when I can't download new version of OpenSSL using old
version of OpenSSL is ridiculous, but they have configured that way.
How I supposed to use Internet then?

  wbr, Valentin V. Bartenev

More information about the nginx mailing list