Hacker News new | past | comments | ask | show | jobs | submit login

You looked at a position saying it wasn't important, gmail or bank level important, to secure webcomics. You then argued that position was completely okay with having webcomic visits altered. That's a strawman.



I am not sure where you are getting this from, though it is very probably I wasn't completely clear. To clarify:

I believe all content (banks, GMail, XKCD) should be served over HTTPS and protected by a trusted certificate. Self-signed certs are not trusted and should not be (the problem of "should GMail give me a self-signed cert?" cannot be solved; you need some type of external trust).

Notice, I am not saying trusted and signed by a CA. We can replace the trust model and do something different to fix the currently broken CA system. However, I never argued and am not arguing that some content is OK to be served over plain HTTP.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: