undefined | Better HN

0 pointsvtlynch10y ago0 comments

>Now anyone who wants to setup a website, for whatever reason, has to go thru some central authority

Which 99% of people already do when the buy a domain name.

There is NO evidence that using SSL restricts your freedom of speech. There is evidence to the contrary though, where SSL allowed people to speak freely without having their communications intercepted or monitored.

Certificate Authorities only reject websites for certificates in rare cases where the domain bears resemblance to a well known company (such as "paaypal.com" or "microsoftproducts.com"). This is not something that every CA does not something that a CA HAS to do.

There is no "false" sense of security HTTPS IS encrypted, and CA signed certificates ARE authenticated. Claims that the whole CA system is MiTM by government are largely unsupported, and if you believe that, then you are screwed over HTTP anyway.

I dont disagree that there are some disadvantages to an HTTPS-only web, but those generalizations are wrong.

0 comments

idibidiart10y ago

"HTTPS IS encrypted"

Oh wow. Really? You haven't done your homework then. So many ways to undermine the certificate authority model, including many famous cases, one involving the Iranian government gaining access to their citizen's "encrypted" traffic. HTTPs is about having traffic be open to powerful entities and closed off to the common criminal. It's a two tier model, not real security.

j / k navigate · click thread line to collapse