Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 2/25/20 17:29, Mark Thomas wrote: > On 25/02/2020 20:45, Christopher Schultz wrote: >> Mark, >> >> On 2/25/20 14:34, Mark Thomas wrote: >>> On 25/02/2020 15:53, Felix Schumacher wrote: Hi all, as more and more browsers are ma

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Mark Thomas
On 25/02/2020 20:45, Christopher Schultz wrote: > Mark, > > On 2/25/20 14:34, Mark Thomas wrote: >> On 25/02/2020 15:53, Felix Schumacher wrote: >>> Hi all, >>> >>> as more and more browsers are marking http as unsecure, we >>> should redirect all http requests to tomcat.apache.org to https. > >>

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Romain Manni-Bucau
+1 with some light (1 month?) notice time in case anyone uses http directly intentionally, will avoid some security breaches http can get, in particular on subdomains. Le mar. 25 févr. 2020 à 21:45, Christopher Schultz < ch...@christopherschultz.net> a écrit : > -BEGIN PGP SIGNED MESSAGE-

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 2/25/20 14:34, Mark Thomas wrote: > On 25/02/2020 15:53, Felix Schumacher wrote: >> Hi all, >> >> as more and more browsers are marking http as unsecure, we >> should redirect all http requests to tomcat.apache.org to https. > > I really do

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Felix, On 2/25/20 11:10, Felix Schumacher wrote: > > Am 25.02.20 um 16:57 schrieb Christopher Schultz: >> Felix, >> >> On 2/25/20 10:53, Felix Schumacher wrote: >>> as more and more browsers are marking http as unsecure, we >>> should redirect all h

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Mark Thomas
On 25/02/2020 15:53, Felix Schumacher wrote: > Hi all, > > as more and more browsers are marking http as unsecure, we should > redirect all http requests to tomcat.apache.org to https. I really don't like this. I'm happy to support https for those people that want to use it but I see no need to

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Felix Schumacher
Am 25.02.20 um 16:57 schrieb Christopher Schultz: > Felix, > > On 2/25/20 10:53, Felix Schumacher wrote: > > as more and more browsers are marking http as unsecure, we should > > redirect all http requests to tomcat.apache.org to https. > > > We can enable that by adding a rewrite rule to the .ht

Re: Enabling http to https redirects for tomcat.apache.org

2020-02-25 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Felix, On 2/25/20 10:53, Felix Schumacher wrote: > as more and more browsers are marking http as unsecure, we should > redirect all http requests to tomcat.apache.org to https. > > We can enable that by adding a rewrite rule to the .htaccess file >