Re: [outages] Akamai Cert Issues today
----- Original Message -----
From: "coolhandluke via Outages" <outages@outages.org>
-We're wondering what happened yesterday to break all these disparate websites
note that this is *by design*, as sean pointed out.
the "fix" is simple: don't use https on www.irs.gov. any ssl pages served by the irs as served on different hostnames.
as to why your users just started it, nfi. my best guess is that they weren't using https previously.
Well, "more people may be using HTTPS-Anywhere" may have something to do with it. Or, it might be that some new browser release just enabled HTTP/2.0, which in many implementations *requires* SSL and might also trip this, as noted in a posting on the topic which I just inadvertantly posted to this same mailing list 5 minutes ago. :-) Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
On 2015-10-04 14:42, Jay Ashworth wrote:
as to why your users just started it, nfi. my best guess is that they weren't using https previously.
Well, "more people may be using HTTPS-Anywhere" may have something to do with it.
fwiw, https-anywhere doesn't just try to connect via https to every site you visit. there are rules that control where it will use https over plain http. irs.gov and www.irs.gov are explicitly disabled, however, so it's not this. cf. https://goo.gl/zTlzAu, lines 135-136.
Or, it might be that some new browser release just enabled HTTP/2.0, which in many implementations *requires* SSL and might also trip this, as noted in a posting on the topic which I just inadvertantly posted to this same mailing list 5 minutes ago. :-)
that's possible, i don't know enough about http/2.0 to comment. -- coolhandluke
participants (2)
-
coolhandluke
-
Jay Ashworth