Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>if you don't use it, your argument literally won't load for a modern audience

this is just a flat-out lie. yes, modern browsers will stilll load websites over http. come on.



Like all things, it's complicated.

Direct sites will load with a "Not Secure" warning, includes on the site might not load without chrome://settings/content/insecureContent

And of course: you won't manage to be visible to Google itself, as you'll be down-ranked for not having TLS.

If you happen to have a .dev domain: you're on the HSTS Preload list, so your site literally won't load.


> And of course: you won't manage to be visible to Google itself, as you'll be down-ranked for not having TLS.

You’ll be visible to Google (otherwise there would be nothing to downrank), you will just be less visible on Google.


And your ISP will be happy to show pop-up advertisements all over your HTTP website.

And you, the owner, will likely be to blame by the user.


What first world ISP does this?


It's not worth it to them precisely because the vast majority of web traffic is served over HTTPS. You can bet they would these days if most traffic was HTTP


Comcast.

If you can call them a first world ISP ;)

https://arstechnica.com/tech-policy/2014/09/why-comcasts-jav...


That was on free Xfnity Wifi. They got called out for it.


Yes. You got the answer to your question. You’re welcome ;)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: