On 2015-10-04 14:42, Jay Ashworth wrote:
as to why your users just started it, nfi. my best guess is that they weren't using https previously.
Well, "more people may be using HTTPS-Anywhere" may have something to do with it.
fwiw, https-anywhere doesn't just try to connect via https to every site you visit. there are rules that control where it will use https over plain http. irs.gov and www.irs.gov are explicitly disabled, however, so it's not this. cf. https://goo.gl/zTlzAu, lines 135-136.
Or, it might be that some new browser release just enabled HTTP/2.0, which in many implementations *requires* SSL and might also trip this, as noted in a posting on the topic which I just inadvertantly posted to this same mailing list 5 minutes ago. :-)
that's possible, i don't know enough about http/2.0 to comment. -- coolhandluke