Mark:
I support this policy.
Thanks.
I'd suggest that if it's felt that cleartext content needs to be available,
it NOT be at <http://www.ietf.org/> (and similar); it should be on a
different hostname; e.g., <http://www.cleartext.ietf.org/>. The http version
of the URL should 301 to the corresponding https resource, and HSTS should be
in use.
That’s very good feedback - thanks. We will take it into consideration.
Jari
signature.asc
Description: Message signed with OpenPGP using GPGMail