alt Hacker NewsWhat’s on HTTP?
Comments
HTTP is incomparibly less fragile than HTTPS which is why HTTP+HTTPS is such a great solution for websites made by human persons for human persons. Lets be clear, corporate or institutional persons using HTTPS alone is fine and reasonable. But for human use cases HTTP+HTTPS gets you the best of both worlds. No HTTPS cert system ever survives longer than a few years without human input/maintainence. There's just too much changing and too much complexity. From the software of the user to the software of the webserver.
Which is to say, HTTP is not some "ancient" tech like an analog television. It is a modern technology used today doing things that HTTPS can't.
Not very useful when most of the pages are default web server pages.
[dead]
[dead]
[dead]
tldr for anyone skimming: the key insight is in section 3
[dead]
[flagged]
HTTP only is fundamentally disrespectful to your users. It places your needs above theirs. It assumes that your threat model is the same as theirs. There is no excuse for it in 2026.