|
|
|
|
|
|
by gruez
3078 days ago
|
|
|
the problem is that if it's optional, lazy/ignorant developers will never implement it, even for sites that actually need it (pretty much any sites that handle login). requiring tls for new features is just another nudge that browser developers have put in place to encourage tls adoption. |
|
|
For instance in Firefox. I can't even go into about:config and enable plain text HTTP 2.0. They are trying to make choices for me.