Perspectives Project site’s use of HTTPS is confusing

[aleksejrs]

Go to https://addons.mozilla.org/en-US/firefox/addon/perspectives/

• that redirects to http://www.networknotary.org
• that redirects to http://perspectives-project.org
• links there are like http://perspectivessecurity.wordpress.com/get-involved/ , which redirect back to http://perspectives-project.org/get-involved/

Shouldn’t the project itself use SSL for its site? Well, I can use an https URL, which uses a wordpress certificate (So it needs an exception. Should I use an exception, or is that unwise?). Then links at the pages are like https://perspectivessecurity.wordpress.com/get-involved/ (SSL) , which redirects to http://perspectives-project.org/get-involved/ (no SSL). Even if I don’t force SSL for perspectives-project.org, HTTPS Everywhere forces it for the perspectivessecurity.wordpress.com links, which then still redirect to non-SSL perspectives-project.org.

I think the site could instead be an example of how to use SSL, or at least clarify why it (or some links to it) is not using it.

[aleksejrs]

I’m sorry, I had forgotten about HTTPS Everywhere when beginning the report. Still, it is a little confusing by itself that the site does not use SSL.

[ThrawnCA]

How about providing both HTTP and HTTPS, with a self-signed certificate on the HTTPS channel? Now that's a proof-of-concept :D

[ghost]

https://perspectives-project.org/ does exist already. => Close?