|
|
|
|
|
|
by jjav
14 days ago
|
|
|
This is why, as someone who works in security and encryption and has implemented web server TLS stacks and such, I still oppose the "always-https" idea. TLS is awesome, one of the most valuable developments in Internet history. But, it is important to undewrstand that it is a double edged sword. Requiring a CA, which in practical terms means requiring a publicly known CA, is a choke point of freedom. |
|
|