<div dir="ltr">Hi,<div>following a report in twitter I found that we support only HTTP and not HTTPS access</div><div>to the <a href="http://lists.ovirt.org">lists.ovirt.org</a> (<a href="http://www.ovirt.org">www.ovirt.org</a> supports https).</div><div><br></div><div>The question is if we wish to allow https which is becoming mandatory these days?</div><div><br></div><div>another related question, is if we wish to support HSTS which is the next step and Google starts enforcing it in its domain[2].</div><div><br></div><div>Thanks,</div><div>Doron</div><div><br></div><div>[1] <a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security">https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security</a></div><div>[2] <a href="http://www.zdnet.com/article/googles-hsts-rollout-forced-https-for-google-com-aims-to-help-block-attacks/">http://www.zdnet.com/article/googles-hsts-rollout-forced-https-for-google-com-aims-to-help-block-attacks/</a></div></div>