1. 13
  1. 4

    Yes, what the web needs is more centralization.

    1. 2

      When there’s more decentralization of HTTPS, a few to a pile of people are griping about the website of one, security-focused coder in particular. When someone pushes centralization, one, security-focused coder shows up to gripe about that. For one forum, a recent post doing pushing the opposite of what was becoming a commonly-linked approach to CA’s apparently dropped the Tangent-in-the-Middle attacks down to two comments on that thread says two sources of mine looking at the monitor. Is that a net gain or loss? Only time will tell. ;)

    2. 2

      I just turned on HTTPS in my App Engine web app – it’s integrated with Let’s Encrypt. It was surprisingly easy compared to the times I’ve used old school CAs.

      1. 0

        Add a 301 “Permanent Redirect”

        Never do that. Some browsers cache these redirects forever and any mistake you make won’t be fixable for those users that visited the site, so do yourself a favour and stick with HTTP 302 temporary redirections.