[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lynx-dev] TLS-"transport layer security" & LYNX

From: Mouse
Subject: Re: [Lynx-dev] TLS-"transport layer security" & LYNX
Date: Sat, 28 Jul 2018 11:53:59 -0400 (EDT)

>>> [...] webservers that refuse to serve anything over HTTP except a
>>> redirect to HTTPS.
>> They are just following an industry trend orchestrated by Google.
>> [...]
>> It's difficult to get a good explanation for the policy, [...]
> The reason that https is being mandated is so that everyone has
> protection from the NSA and other governments and companies

_That_ protection was blown when the first wildcard cert was issued -
or, if you think of it another way, when support for wildcard certs was
implemented.  (I'm not convinced the publicly available crypto is
secure against letter agencies even when used securely, for that
matter, but that's a separate question, and the above stands even if it
is secure.)

> manipulating connections, blocking connections that are deemed
> "unwanted / illegal / etc.", and spying on user agents.

That's all very well, and I'm glad it's available.  My beef is with
webservers imposing it on clients, rather than letting clients choose.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                address@hidden
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

reply via email to

[Prev in Thread] Current Thread [Next in Thread]