Since Hugo said that I would: On Tue, Jan 23, 2024, at 19:17, Hugo Landau wrote: > Of course people will argue how you are supposed to know you have a > trusted environment.
Yep. The fact is that most people don't have the necessary degree of control over the environment in which their services are deployed that removing encryption would be a sensible thing. Many of us run services on other people's computers, which are housed in other people's buildings. We might need to trust these people to some extent, but that doesn't mean trusting that they maintain adequate hygiene that guarantees that our precious information (or the information we handle on behalf of others) does not leak into management systems or the services that run on the same computers. Mistakes happen that could mean a flow of information being sent to someone else entirely. A bit flip in addressing is all that would take, even if you assume that the network management is absolutely without fault. The fact is that encryption is a cheap and manageable way to easily avoid a whole bunch of bad outcomes.
