Fwd: [Cryptography] Shaming sites that send sensitive information over HTTP

staticsafe me at staticsafe.ca
Fri Sep 19 17:52:41 PDT 2014

On 9/19/2014 18:58, Peter Gutmann wrote:
> grarpamp <grarpamp at gmail.com> forwarded:
>> My favorite:  The NSA's web site *redirects HTTPS to HTTP*.  Some kind of
>> back-handed acknowledgement of what they do?
> My guess is that it's politically-motivated, if you're the NSA would you want
> to buy your certs from a commercial CA, and if you're a commercial CA would
> you want to be known as the supplier of trusted certs to the NSA?
> Peter.

When I go to www.nsa.gov, I do not get a redirect to HTTP. HTTPS with a
cert provided by GeoTrust is what I get.


More information about the cypherpunks mailing list