Difference between revisions of "Talk:2634: Red Line Through HTTPS"

Explain xkcd: It's 'cause you're dumb.
Jump to: navigation, search
Line 8: Line 8:
  
 
:2015 is when the first Let's Encrypt certs were issued, and 2016 is when LE became generally available to the public and thus when free SSL/TLS became very very easy for just about anyone setting up a web server, hence the comic citing 2015. However even with a valid cert you might have a number of issues, like [https://www.mixedcontentexamples.com/ mixed content]. At least in Firefox, an expired cert gives a big warning screen that gives you an option to add a security exception; I don't care enough to install Chrom{e,ium} to test its UI. [[Special:Contributions/172.69.69.250|172.69.69.250]] 08:30, 18 June 2022 (UTC)
 
:2015 is when the first Let's Encrypt certs were issued, and 2016 is when LE became generally available to the public and thus when free SSL/TLS became very very easy for just about anyone setting up a web server, hence the comic citing 2015. However even with a valid cert you might have a number of issues, like [https://www.mixedcontentexamples.com/ mixed content]. At least in Firefox, an expired cert gives a big warning screen that gives you an option to add a security exception; I don't care enough to install Chrom{e,ium} to test its UI. [[Special:Contributions/172.69.69.250|172.69.69.250]] 08:30, 18 June 2022 (UTC)
 +
 +
Not sure it's true that if there is a problem with HTTPS like an expired cert that the connection is made with HTTP instead. [[Special:Contributions/172.69.79.201|172.69.79.201]] 10:11, 18 June 2022 (UTC)

Revision as of 10:11, 18 June 2022


HTTPS was standardized in 2000 or so, so 2015 is quite a stretch for a site to not use it because the site was last updated before HTTPS was widely available. With pretty much any browser now, a red line through HTTPS means that the site _is using HTTPS_, but it is _not trusted by the browser_ (due to e.g. the certificate being self-signed or expired). Darrylnoakes (talk) 04:28, 18 June 2022 (UTC)

I think the intended joke is that the site's certificate expired in 2015, instead of the site is not using HTTPS. 108.162.221.101 06:29, 18 June 2022 (UTC)
2015 is when the first Let's Encrypt certs were issued, and 2016 is when LE became generally available to the public and thus when free SSL/TLS became very very easy for just about anyone setting up a web server, hence the comic citing 2015. However even with a valid cert you might have a number of issues, like mixed content. At least in Firefox, an expired cert gives a big warning screen that gives you an option to add a security exception; I don't care enough to install Chrom{e,ium} to test its UI. 172.69.69.250 08:30, 18 June 2022 (UTC)

Not sure it's true that if there is a problem with HTTPS like an expired cert that the connection is made with HTTP instead. 172.69.79.201 10:11, 18 June 2022 (UTC)