see TimBL's "don't break the web" request to keep the uris the same, regardless
of method of access.
http://www.w3.org/DesignIssues/Security-NotTheS.html
________________________________________
From: ietf <ietf-bounces(_at_)ietf(_dot_)org> on behalf of Jari Arkko
<jari(_dot_)arkko(_at_)piuha(_dot_)net>
Sent: Tuesday, 2 June 2015 9:41:08 PM
To: Mark Nottingham
Cc: ietf(_at_)ietf(_dot_)org
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
Mark:
I support this policy.
Thanks.
I'd suggest that if it's felt that cleartext content needs to be available,
it NOT be at <http://www.ietf.org/> (and similar); it should be on a
different hostname; e.g., <http://www.cleartext.ietf.org/>. The http version
of the URL should 301 to the corresponding https resource, and HSTS should be
in use.
That’s very good feedback - thanks. We will take it into consideration.
Jari