[jabberwcky]

Are you attacking him because he's using TLS? Will you ever be satisfied?

TLS fixes a whole lot more than just privacy, it's also authenticating the remote end. Are we really suggesting dumping something that is trivially accelerated in hardware to do some homebrew crypto crap just for the sake of a forum thread?

Netflix solution is fine, and the concentration of interest in TLS means it only gets cheaper over time to build Netflix-like configurations, which is especially great since we've spent the past decade or more trying to convince the entire industry this configuration is also best practice

[cperciva]

I'm just pointing out that the privacy justification is nonsense. Protecting the integrity of connections? That's important. Preventing web browsers from throwing a fit about "insecure connections"? That's also important. But privacy isn't the issue here, and I've talked to enough people at Netflix to know that they know that too.

[bobthebuilders]

Most people can download a program that sniffs HTTP. Using side channels is not a simple affair.