I was hoping to see something about optional SSL/TLS. I'm even willing to pay fo...

jsingleton · on May 27, 2015

You can use CloudFlare with flexible SSL in front of it and set up a page rule to redirect to HTTPS.

gabrtv · on May 27, 2015

I had no idea. That's great news!

drewbug · on May 27, 2015

Be warned, though: this will only create a secure connection between the user and CloudFlare, not between CloudFlare and GitHub Pages.

tracker1 · on May 28, 2015

While a potential for concern... I would guess that CloudFlare's own routing would take them to an exit node close to Github's... that does make quite a few assumptions though. It would still be more complicated to mitm between CloudFlare and Github than ISP-X (or China) and Github...

cben · on May 30, 2015

There already kinda is TLS on github.io but it's only user<->CDN, CDN<->Github is unencrypted. [https://konklone.com/post/github-pages-now-sorta-supports-ht...]

And it doesn't work on custom domains (Github can't present a cert for your domain); you can make it "work" via Cloudflare but that only works if Cloudflare doesn't validate Github's cert, which introduces yet another unsecure link. [https://github.com/isaacs/github/issues/156]

cben · on May 31, 2015

Edit: forgot to say I'm also willing to pay for it.