Y
Hacker News
new
|
ask
|
show
|
jobs
by
Control8894
749 days ago
Perhaps, but the other realistic option is a self-signed cert. Since browsers refuse to implement any kind of TOFU or otherwise 'trust history', a self-signed cert is pretty much exactly equivalent to no TLS at all.