General Discussion • Re: Enforced https on public sites

suckerpinch | No one can force me to have a secure website!!!

Yes they can ... I have been managing my institute's website since 1993 (!) to 2004 and again since 2008 to 2019. I have been managing a website on my own machine at work for both internal usage and scientific data exchange. All plain http, and all static HTML written by hand. Never had any need of https (i.e. an SSSL-capable apache) except for a short time I set up a webmailer to access a private IMAP server on my machine (now disused) for which I used a self-signed certificate (one of the collateral effect of using https is that you have to get certificates). However now the national academic network authority seems to have delegated security checks to a higher national authority, which is scanning the various servers and insists in https.