No HTTPS on nginx.org by default

Valentin V. Bartenev vbart at nginx.com
Mon Aug 22 10:31:30 UTC 2016


On Sunday 21 August 2016 15:56:09 B.R. wrote:
> It is surprising, since I remember Ilya Grigorik made a talk about TLS
> during the first ever nginx conf in 2014:
> https://www.youtube.com/watch?v=iHxD-G0YjiU
> https://istlsfastyet.com/

It's just Ilya's opinion.  You are free to agree or not.


> 
> Thus, there is no reason for not going full-HTTPS in delivering Web pages.

There are at least two reasons to not use HTTPS:

 1. Provide easy access to information for people, who can't use encryption
    by political, legal, or technical reasons.

 2. Don't waste resources on encryption, and thus save our planet.

Please, don't be a TLS despot and let people to have a choice to use encryption
or not.

I think the situation when I can't download new version of OpenSSL using old
version of OpenSSL is ridiculous, but they have configured openssl.org that way.
How I supposed to use Internet then?

  wbr, Valentin V. Bartenev



More information about the nginx mailing list