> HTTPS and more specifically Let's Encrypt is a power play to control the internet and prevent counter-culture from forming.

> HTTPS and more specifically Let's Encrypt is a power play to control the internet and prevent counter-culture from forming. By browsers using scare tactics for enforcing https it puts the control of the internet into a handful of CAs making you vulnerable to cancelling. Enabling cancel culture starts with the “undesirables” of the day and ends with authoritarian regime that oppresses everyone that isn't in line with the elite

He's right, you know.

  1. 4 weeks ago
    Anonymous

    What are self-signed SSL certificates dumb dumb

    • 4 weeks ago
      Anonymous

      Browser people made self-signed this big fucking thing where you can't even whitelist them anymore it's fucking lame. You're supposed to run your own fucking CA I guess but that's worse than TOFU.

      • 4 weeks ago
        Anonymous

        >You're supposed to run your own fucking CA I guess but that's worse than TOFU
        Than what? It's not that hard. There are two solutions that support ACME, one is LE's Boulder (shit with no docs), another is Step-ca, it's good except fucking MySQL database storing each JSON in its own field as a string with escaped newlines and quotes.
        Basically, run Step-CA.

        • 4 weeks ago
          Anonymous

          >not that hard
          >being this dumb
          No one would use or trust your CA so it is pointless. If you want to you can and start your own, but that doesn't solve the systematic issue of the browser scare tactics.

          • 4 weeks ago
            Anonymous

            >No one would use or trust your CA so it is pointless
            Your browsers will trust your CA. Same as with any enterprise CA enrollment.

            • 4 weeks ago
              Anonymous

              You fail to understand this doesn't help with untrusted sources, which is basically everyone but yourself. Plus if you're just rolling your own CA it's a pain to copy everywhere and it's a giant security risk. There's a close association with custom CAs and backdoors for a reason.

              • 4 weeks ago
                Anonymous

                there's x509 extensions that allow intermediate CAs to be restricted to certain names, but no browser implements these extensions currently as far as i know

                this literally happened and they backtracked: https://news.harica.gr/article/announcement_kiwifarms/

                a few troons trolling a tiny organization that offers a rare service (onion certs) is a long shot from real power telling the ISRG that they need to stop issuing certs to kiwifarms. it's also a very ineffective means of censorship when they could instead just tell every ISP under their control to stop resolving the clearnet domains.

  2. 4 weeks ago
    Anonymous

    That's a lot of talk, but I still don't see any talk on potential replacements for the HTTPS system.

    • 4 weeks ago
      Anonymous

      any E2E encryption protocol

    • 4 weeks ago
      Anonymous

      it's simply not necessary for 99% of the internet which is informational and not handling any sensitive user input

  3. 4 weeks ago
    Anonymous

    I created a Google Account just to be notified when Xah is streaming but I got no notification even clicking the bell icon.

  4. 4 weeks ago
    Anonymous

    why would CAs ever be used as a vector of censorship over ISPs or registrars?

    • 4 weeks ago
      Anonymous

      ask null

      • 4 weeks ago
        Anonymous

        kiwifarms uses lets encrypt

        • 4 weeks ago
          Anonymous

          this literally happened and they backtracked: https://news.harica.gr/article/announcement_kiwifarms/

  5. 4 weeks ago
    Anonymous

    The CA problem is solved by using tor or tor-like systems which use the public key as the site identifier instead of a domain name. So many problems we have on the internet are because we wanted sites to be "human readable". Tor onion sites are the solution to most censorship online.

    • 4 weeks ago
      Anonymous

      good luck telling the average human "check out my website at 87ujnem839321e2endsdaiodas.onion"

      • 4 weeks ago
        Anonymous

        let the average human perish from the interwebs

    • 4 weeks ago
      Anonymous

      if you're being censored from the internet, it probably means you're losing a much more important power battle in meatspace. focus on that instead. conformity, revolution or death. everything works this way. i don't know why you expect digital identities to work differently.

      ethereum (or other crypto) domains are a much more human-friendly solution that leverages PKI. people have broadly rejected qr codes as inconvenient so i doubt you'll get a significant number of people to switch to

      good luck telling the average human "check out my website at 87ujnem839321e2endsdaiodas.onion"

      a 56-character domain scheme. either way, the management of domains within large organizations would be hellish.

  6. 4 weeks ago
    Anonymous

    https://www.gnunet.org/en/

  7. 4 weeks ago
    Anonymous

    He's not wrong but there's nothing stopping someone from signing their own CA and just saying "It's legit these people are loonies"

    Realistically this would happen if the CAs started trooning out and starting to refuse certificates. As of right now Lets Encrypt makes everything easier than ever.

Your email address will not be published. Required fields are marked *