X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Securely connect to websites via https first by default, if not then, use http as fallback. This will prevent downgrade attacks.

Kuphostiwe

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

I have a suggestion. I would like for browsers to connect securely via https first by default to websites. When the browser checks that https is not supported by the website, it should downgrade to http, so do invalid certificates. This will prevent downgrade attacks and make HSTS headers optional. Browsers for years have been connecting to http by default, which I feel is a security risk. A kind of design flaw. Is an option to connect to https first by default a good idea?

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Google Update
  • LastPass Plugin
  • VLC media player Web Plugin

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0

Eminye Imininingwane

the-edmeister
  • Top 25 Contributor
  • Moderator
5419 izisombululo 40427 izimpendulo
Kuphostiwe

You may submit suggestions to the developers here: https://input.mozilla.org/en-US/feedback

You may submit suggestions to the developers here: https://input.mozilla.org/en-US/feedback
cor-el
  • Top 10 Contributor
  • Moderator
17680 izisombululo 159921 izimpendulo
Kuphostiwe

See:

See: *HTTPS Everywhere: http://www.eff.org/https-everywhere