|
|
|
|
|
|
by high_byte
1694 days ago
|
|
|
end-to-end encryption means that the underlying data is visible only on both ends, hence safe to transport via any medium. if for instance someone performs MITM, anywhere along the line, won't allow them to decrypt the data. replacing certificates requires control of either machine, in which case you'd have bigger problems. then there's the question of how secure is the encryption, which is a rabbit hole of it's own: key size, random generator effectiveness, correct padding, correct implementation or even which layer eg. HTTPS still has exposed SNI, and it goes on and on... |
|
|
theoretically there could be flaws in any component, including even stolen root certificates, or super computers, even quantum computers. it comes down to price of the safe vs. value inside.