Don't efforts like http://letsencrypt.org/ mitigate most of the burden that HTTPS has been (and as of now, still is)? Granted, it isn't out yet, but it promises https with: "No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment." (from "how it works"). It's worth considering what things should be plaintext.. but the opportunities by 'whoever runs the wifi', ISPs, or governments to inject arbitrary content, malware, spyware, terrible advertizing are surely worth routing around by default if it really is as free and simple as the ISRG would have us believe.
-a On Sun, May 10, 2015 at 5:52 PM, nettime's_castaway <[email protected]> wrote: > < https://medium.com/@b_k/https-the-end-of-an-era-c106acded474 > > > HTTPS: the end of an era > > Ben Klemens > > Mozilla, the foundation that maintains Firefox, has announced that it > will effectively deprecate the insecure HTTP protocol, eventually > forcing all sites to use HTTPS if they hope to use modern features. <...> # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: [email protected]
