diff options
Diffstat (limited to 'ewww.md')
| -rw-r--r-- | ewww.md | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -25,8 +25,9 @@ expressed as _scenarios_ in the acceptance criteria chapter. on my Thinkpad T480 laptop. A self-signed certificate is OK. * Fast, time from starting server to having served first HTTPS request should be at most 100 ms. -* Serves only HTTPS, except what Let's Encrypt needs to be served over - plain HTTP. +* Serves only HTTPS, except what needs to be served over plain HTTP, + e.g., for Let's Encrypt certificate validation. Any plain HTTP + access must be explicitly allowed. I don't need flexibility, and I don't want to configure anything that's not essential for this. Hardcoded assumptions are A-OK, if my |