bentasker: "bentasker: "If the user-agent can reach you via HTTPS for you to redirect back to HTTP, ther""

If the user-agent can reach you via HTTPS for you to redirect back to HTTP, there isn't really any credible reason to then prevent them using HTTP. If a device cannot reach you via HTTPS (because they're using older ciphersuites etc) then the redirect cannot be served anyway