Securing Downloads with HTTPS
Just read this post over at ArsTechnica. We were just having a conversation on the pros and cons of securing all the transactions in our customer-facing entitlement and download tools, so this is a timely post for us.
Essentially, we agree with the premise of the article: HTTPS (or TLS) is now so inexpensive from a cpu/cyle-time perspective, that encrypted communications should be the default for all transactions, including downloads.
Here is the link to the ArsTechnica post.
Adam Langley wants to encrypt all web traffic, but without having to type those pesky HTTPS URLs. His solution: opportunistic encryption without user intervention.
(Via Ars Technica.)