Search engines and https

Lucky Green shamrock at cypherpunks.to
Wed Nov 19 05:25:14 PST 1997



On Wed, 19 Nov 1997, Adam Back wrote:
> 
> One thing you could do is to have your server use http (no s) iff the
> connection comes from a known search engine.  Reasonably easy to do --
> set up an http server, and block all sites, and put in allow
> directives for the search engines.

Then the search engine would list the wrong URL. The idea is to get
people to use crypto. In  fact, as soon as I find the time, cypherpunks.to
will reject weak crypto browsers and provide those unfortunate enough to
use such a browser with pointers to upgrade options.

 > It's not as if you're insisting on client certs for the HTTPS
server.

Actually, there are pages on the server that do require client certs.
Of course these pages need not be listed  in any search engine. But now
that you mention it, it might be fun to set up an automated enrollment
page and require client certs for everything.

-- Lucky Green <shamrock at cypherpunks.to> PGP v5 encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"







More information about the cypherpunks-legacy mailing list