• KillingTimeItself
    link
    fedilink
    English
    -15 months ago

    it depends on the application, if you’re just serving a static site, or talking on a public chatforum, yeah encryption is pointless.

    If you’re talking an SSH tunnel? Yeah no this is stupid.

    • @frezik@midwest.social
      link
      fedilink
      4
      edit-2
      5 months ago

      Encryption everywhere isn’t about the individual content. By making it ubiquitous, it’s harder for bad actors to separate the encrypted data they want from the one’s they don’t. If only special content is encrypted, then just the fact that it’s encrypted is a flag for them. It also makes it much harder to ban. It’s pretty much impossible to ban the algorithms in TLS at this point. Too much depends on it.

      • KillingTimeItself
        link
        fedilink
        English
        15 months ago

        it’s a good thing the entirety of https traffic has encrypted headers than…

        Regardless, if it’s properly encrypted it doesn’t matter if they have it, and are able to confirm who it’s from, unless we’re talking about a governmental agency or an org with access to one of those mythical quantum computers. In which case it’s probably a significant portion of future security.

        • @frezik@midwest.social
          link
          fedilink
          15 months ago

          TLS already has algorithms hardened against QC. The effects of QC against encryption are greatly exaggerated, anyway. The number of qubits that would be needed to break encryption may be too large to ever be feasible.

          Get IPv6 going and stuff like SNI becomes unnecessary.