Re: [gopher] Tor for Gopher
I think DNSSEC was designed for this very issue. DNSSEC + SSL ought to
do the trick, no?
Mateusz Viste <email@example.com> wrote:
> Shortly said, if we assume that the entire CA business is worthless, then
> so is SSL.
> On Tue, 28 Feb 2017 23:15:54 -0800, Bradley D. Thornton wrote:
> > ..
> > SSL ensures that you have an encrypted connection, and I am a proponent
> > of the notion that all HTTP traffic should take advantage of this,
> > especially in light of the fact that search engines now routinely index
> > secure content, and SNI is the way of the name based virtual hosting in
> > the connnectionless oriented browsing environment.
> > If everyone would just once and for all realize that SSL never has
> > verified that you are talking to who the cert says you're talking to,
> > and only that you are talking to an end point via and encrypted session,
> > there would be much less hype over whether everyone should be able to
> > have encrypted communications for free.
Gopher-Project mailing list