jidanni@jidanni.org wrote:
Is that how Facebook™ or Google™ operate, sending every single component via HTTPS?
No. Only the vital personal settings, password stuff is done that way.
That would mean sending normal pages with http but pretty much all /w/index.php urls using https. Seems odd at first, but it could work. Another option would be to digitally sign every token, which is more geek :)
As for not letting people know what pages you are browsing, well, I don't now. Does Google™ offer a way to not let wiretapping people know what pages you are searching? Probably. We Geritol™ Generation users aren't exactly sure to tell you the truth.
It does https://www.google.com so you only share your searches with Google Brother.