alt Hacker NewsHTTP only is fundamentally disrespectful to your users. It places your needs above theirs. It assumes that your threat model is the same as theirs. There is no excuse for it in 2026.
HTTP only is fundamentally disrespectful to your users. It places your needs above theirs. It assumes that your threat model is the same as theirs. There is no excuse for it in 2026.
HTTP is still the best solution for intranet sites... as long as you cannot run your own fully local CA as hassle-free as DHCP, HTTP will never die.