Closed sidtechnical closed 6 years ago
Same with Time.com.
Seems like it is the same issue will all the sites which got the rating D.
@vaibhavmule are we missing something? or is this a legit wrong grading?
Yes, if this is case, then it is issue with all sites
Supports HTTPS and has a valid certificate.
As I have checked, it does redirect https
to http
(Not a good idea.) but have valid certificates
Yes. That exactly was my thought. Let us wait for others to confirm the same.
This is how it checks valid https: https://github.com/dhs-ncats/pshtt/blob/86a860c3c69a71ee29969942cd74f7a29ec16ffd/pshtt/pshtt.py#L732
The grading is correct, According to grading scale. it says, HTTPS available, but downgrades to HTTP
that's when D rating is given.
Secure the news entry for "The Indian Express" has Security Rating D. The only reason it received D instead of F is because it was considered to have a valid HTTPS certificate.
However, in reality it doesn't. It can be checked here directly. So, in my opinion the security rating for The Indian Express should be F.
Please have a look into that if it is genuine !