Force https for website?

Mark Doliner mark at
Mon Apr 1 03:50:57 EDT 2013

How do people feel about redirecting from http to https for all URLs on

My reasons for wanting to do this are:
- Secure interactions with the protocol documentation wiki to prevent
password stealing and session hijacking.
- Reduce the chances of a MITM sending altered content to a user.  This is
extremely unlikely, because who in their right mind would want to mess with
this content...?  I mean, who cares?

- We'll have to keep buying SSL certs.
- Little bit slower to load, especially for users with high latency to our
server, (TLS negotiation requires  more round trips).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Discussion mailing list