Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Sep 19 15:58:25 PDT 2014
grarpamp <grarpamp at gmail.com> forwarded:
>My favorite: The NSA's web site *redirects HTTPS to HTTP*. Some kind of
>back-handed acknowledgement of what they do?
My guess is that it's politically-motivated, if you're the NSA would you want
to buy your certs from a commercial CA, and if you're a commercial CA would
you want to be known as the supplier of trusted certs to the NSA?
Peter.
More information about the cypherpunks
mailing list