Re: [dev] TLS / HTTPS support

From: ilf <>
Date: Thu, 31 Aug 2017 20:23:02 +0200

Paul Menzel:
> I understood it the way, that there might be programs not being able
> to deal with TLS.

The first version of SSL/TLS became a standard in 1999. TLS 1.2 is from
2008, over nine years ago:

Any software that can't deal with TLS is IMHO broken - and sucks.

Really, cleartext is evil for many reasons: it lacks confidentiality,
authenticity and integrity - and it opens many opportunities for
downgrade scenarios.

The Snowden relevations have shown that the internet is under attack and
technologists should actively work against that:

Pervasive Monitoring Is an Attack

Confidentiality in the Face of Pervasive Surveillance

So please, let's try to move away from cleartext to encrypted
connections. Offering HTTPS is a huge first step. But let's take another
step and redirect HTTP to HTTPS. (Until it's time to finally turn of


Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
		-- Eine Initiative des Bundesamtes für Tastaturbenutzung

Received on Thu Aug 31 2017 - 20:23:02 CEST

This archive was generated by hypermail 2.3.0 : Thu Aug 31 2017 - 20:36:12 CEST