2 comments

[ 4.7 ms ] story [ 18.0 ms ] thread
> The file MUST be accessed via HTTP 1.0 or a higher version, and the file access MUST use the "https" scheme (as per Section 2.7.2 of [RFC7230]).

Why the Security.txt file should not be downloaded via http? I mean is this particular measure a security thing or a security theatre one.