I am itching of Chrome pointing out that my home page is not fully secure.
I suppose some of the links there is pointing to content from my group website that still HTTP by default, http://ucare.cs.uchicago.edu.
But, should I care about HTTPS?
Is it easy to ask techstaff to change my group website into HTTPS by default?
I am wrong, the culprit was a little counter code in my homepage footer
it point to
removing that clear up the warning.
Last time I checked (about a year ago), they said it wasn’t possible. But I know for certain that in case your group homepage is hosted on an individual VM, you can use https://letsencrypt.org to achive what you want.
hmmm, I was hoping that it is something that can be done and maintained by tech staff.
If our group website is not something within their control, that means we need to maintain the certificate always updated by ourself.
I mean, I know how to cron it, but others might not know how to fix it when it gets wrong.
Update: just drop in techstaff office this afternoon, and they set it up immediately
Big thanks to Tom!
There is some argument to be made about not all pages needing https:
Thoughts on the article:
Re. egalitarian attitude: "Google is a guest on the web, as we all are.” - I used to believe that, but it’s too utopian. Given 90% of search traffic through them, and over half of web browsing. Gotta learn how to play Google SEO.
Re. “massive book burning".
I think the Interned needs a Spring Clean.
Putting some things in deep storage, others front and centreis a good idea?
"Files put in places that no one maintains. They just work.” Chrome isn’t stopping them working, it’s just nudging people.
From a Rational Choice point of view, on average better sites will be more likely rescued.
Non-profits Mozilla and EFF nudge users too:
I emailed him but haven’t received a response.
Frankly, a thought-provoking piece like his should have a comment section. Ironically: he’d need HTTPS because users are sending data!
To conclude, the massive popularily of interactive social media experiences has trounced the web in usage, and the web should be interactive to stand a chance, and therefore should be HTTPS by default to increase privacy and security.
Before you think I’m ragging on Dave Winer. I like his use of these little drop-down’s that hide content:
Does anyone know what they are / how to implement them?
Finally, I’ve managed to acheive HTTPS on my sites by having it bundled with hosting (e.g. free with GH Pages, Cloudflare) / website builder (SqSpace, GoDaddy). Are Let’s Encrypt certs free?
Thanks for sharing your thoughts. To me it seems there are fair arguments on both sides. Winer seems rightly concerned that web monopolies like Google and Mozilla are making the decision and pushing for it without due process such as through IETF and W3C. And this transition does make it even more difficult for a layman to create a simple new website that they can host from their own web server.
They are called outliners. Winer has done a lot of work on them. At one point in 2016 or so I was playing with his Fargo software and quite liked it, but he discontinued it soon after. I might like using a stable long-term solution for outlining that works on the web, but haven’t found one yet (not actively seeking either).
A post was split to a new topic: Discussion on Outliners
This topic was automatically closed after 4 days. New replies are no longer allowed.