On Wed, Oct 02, 2019 at 05:45:57AM -0400, Valdis Klētnieks wrote: > On Wed, 02 Oct 2019 01:55:13 -0600, "Keith Medcalf" said: > > It is a common fallacy that TLS connections are authenticated. The vast > > majority of them are not authenticated in any meaningful fashion and all > > that > > can be said about TLS is that it provides an encrypted connection between > > the > > two communicating applications. This is perhaps why it is call *transport* > > layer security ... > > Another major disconnect is that TLS validates the hostname that the browser > decided to connect to, not the host you thought you were connecting to..
Sadly, the W3C is stonewalling on the WebMindReading API. - Matt
