What’s on HTTP?(whatsonhttp.com)
26 pointsby elixx4 hours ago6 comments
  • paulnpace32 minutes ago
    Not very useful when most of the pages are default web server pages.
  • superkuh2 hours ago
    HTTP is incomparibly less fragile than HTTPS which is why HTTP+HTTPS is such a great solution for websites made by human persons for human persons. Lets be clear, corporate or institutional persons using HTTPS alone is fine and reasonable. But for human use cases HTTP+HTTPS gets you the best of both worlds. No HTTPS cert system ever survives longer than a few years without human input/maintainence. There's just too much changing and too much complexity. From the software of the user to the software of the webserver.

    Which is to say, HTTP is not some "ancient" tech like an analog television. It is a modern technology used today doing things that HTTPS can't.

    • tryauuum2 hours ago
      I'd rather have some expired cert than http

      I saw once my ISP injecting javascript ads into http traffic and the horror is with me forever

      • miladyincontrol36 minutes ago
        Agree strongly. An expired cert is better than no cert.

        Also would argue maintenance is only as complicated as you make it for yourself. Countless people keep patched, secure, https web servers running with minimal effort. If its somehow effort, introspect some on why you are somehow making so much work for yourself.

        • superkuh24 minutes ago
          Might be a bit of each of us touching different ends of the elephant. To be clear I am talking about long timespans. Lets Encrypt hasn't even existed for a full decade yet. During that time it's dropped support entirely for the original acme protocol. During that time it's root certs have expired at least twice (only those I remember where it caused issues in older software). Saying that there's no trouble with HTTPS must be coming from experiences on short timescales (ie, a few years).

          HTTP/3 already doesn't allow anything but CA TLS only. It won't be too long before they no longer allow you to click through CA TLS warnings.

  • 4 hours ago
    undefined
  • tryauuum2 hours ago
    sexy
  • swordmem3 hours ago
    [dead]
  • unit149an hour ago
    [dead]