Comment 25 for bug 1722256

(In reply to Thomas Haller from comment #8)
> (In reply to Bastien Nocera from comment #6)
> > (In reply to Thomas Haller from comment #5)
> > > (In reply to Bastien Nocera from comment #2)
> > > >
> > > > [ 3920.153840] f21v.localdomain NetworkManager[826]: <info> Connectivity
> > > > check for uri 'https://fedoraproject.org/static/hotspot.txt' failed with
> > > > 'Peer failed to perform TLS handshake'.
> > >
> > > In this case, the connectivity check failed because of the SSL connection.
> > >
> > > It is anyway a bad idea to use https for connectivity checking.
> >
> > Why? It protects the user's privacy, at least a tiny bit.
>
> it's a bad idea, because it works bad with detecting captive portals.
>
> And a portal might not handle SSL connections at all (which means we would
> detect "no-connectivity", instead of "portal").
>
> If the portal does handle SSL connections it present an invalid certificate
> and the connection fails again (and to NM it's again not clear that this
> indicates "portal").
>
> Also, we warn now about HTTPS use:
> http://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/
> ?id=eab32a5252e82361a563154cd8bfc3949aaad119

I'd rather have a fallback to HTTP in those cases where HTTPS fails, to ensure the problem is actually with the network and not with the connection, rather than actually hit HTTP in the wide internet all the time when connected.