see TimBL's "don't break the web" request to keep the uris the same, regardless of method of access. http://www.w3.org/DesignIssues/Security-NotTheS.html ________________________________________ From: ietf <ietf-bounces@xxxxxxxx> on behalf of Jari Arkko <jari.arkko@xxxxxxxxx> Sent: Tuesday, 2 June 2015 9:41:08 PM To: Mark Nottingham Cc: ietf@xxxxxxxx Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF" Mark: > I support this policy. Thanks. > I'd suggest that if it's felt that cleartext content needs to be available, it NOT be at <http://www.ietf.org/> (and similar); it should be on a different hostname; e.g., <http://www.cleartext.ietf.org/>. The http version of the URL should 301 to the corresponding https resource, and HSTS should be in use. That’s very good feedback - thanks. We will take it into consideration. Jari