The reason for this thread comes in the sequence of this one also started by me. This time I wanted to make sure that WSA would uninstall all the way through (for no special reason ), and to my surprise, and I'm not sure if this is what happened before, as I don't remember, WSA uninstall confirmation page is provided to the user over HTTP and not HTTPS. That wouldn't be a problem (over HTTP), if the license wasn't sent in the URL, but it is. The page supports HTTPS, so shouldn't it default to HTTPS instead of HTTP? Am I the only seeing the wrong approach by using HTTP?