20 Sep
2014
20 Sep
'14
12:52 a.m.
On 9/19/2014 18:58, Peter Gutmann wrote:
grarpamp <grarpamp@gmail.com> forwarded:
My favorite: The NSA's web site *redirects HTTPS to HTTP*. Some kind of back-handed acknowledgement of what they do?
My guess is that it's politically-motivated, if you're the NSA would you want to buy your certs from a commercial CA, and if you're a commercial CA would you want to be known as the supplier of trusted certs to the NSA?
Peter.
When I go to www.nsa.gov, I do not get a redirect to HTTP. HTTPS with a cert provided by GeoTrust is what I get. -- staticsafe https://staticsafe.ca