This is true, but browsers now may make htttp:// an almost deprecated protocol and invoke warnings and burdens to fetch.
An https:// endpoint to the ip with an address naming certificate is a low bar goal server side, to prevent current or future fetches should this de-preferencing continue. I would acknowledge curl and wget and code embedded fetch libraries don't do this. G On Sat, 24 Jan 2026, 2:10 pm Wes Hardaker, <[email protected]> wrote: > Michael Richardson <[email protected]> writes: > > > It could be equally be XoH, AXFR-over-DoT. > > Do note that if you are checking ZONEMD and DNSSEC then HTTP is just > fine without the S. You most likely don't need the integrity or > privacy. Some signed firmware for "things" are downloaded over http > because it aleviates the problems related to ensuring the TLS stack > works properly when the protection is provided at the object layer. > > -- > Wes Hardaker > Google > > _______________________________________________ > DNSOP mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
