[184510] in North American Network Operators' Group
Re: [outages] Akamai Cert Issues today
daemon@ATHENA.MIT.EDU (coolhandluke)
Sun Oct 4 17:31:37 2015
X-Original-To: nanog@nanog.org
Date: Sun, 04 Oct 2015 17:28:36 -0400
From: coolhandluke <coolhandluke@coolhandluke.org>
To: nanog@nanog.org
In-Reply-To: <33190431.678.1443984125928.JavaMail.root@benjamin.baylink.com>
Errors-To: nanog-bounces@nanog.org
On 2015-10-04 14:42, Jay Ashworth wrote:
>> as to why your users just started it, nfi. my best guess is that they
>> weren't using https previously.
>
> Well, "more people may be using HTTPS-Anywhere" may have something to
> do with it.
fwiw, https-anywhere doesn't just try to connect via https to every site
you visit. there are rules that control where it will use https over
plain http.
irs.gov and www.irs.gov are explicitly disabled, however, so it's not
this.
cf. https://goo.gl/zTlzAu, lines 135-136.
> Or, it might be that some new browser release just enabled HTTP/2.0,
> which
> in many implementations *requires* SSL and might also trip this, as
> noted
> in a posting on the topic which I just inadvertantly posted to this
> same
> mailing list 5 minutes ago. :-)
that's possible, i don't know enough about http/2.0 to comment.
--
coolhandluke
