-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Encryption everywhere is good.
You mean Evers public information should be encrypted? I.e. Radio vor TV?
Can't see the "feature", sorry...
Once a connection is encrypted and certificate-protectedhole class
of worries can be removed from the threat models; having fewer things
to
worry about is great when designing protocol stacks.
This is correct by theory in many, but not all cases and not in practice.
A https geht takes up to multiple times of energy and computing resources. I
prefer efficiency even in protocols - resources should be user for real (not
only theoretic) added value.
Browser HTTP-SSL/TLS isn't "just encrypt and forget" as long as you really
unterstand the whole infrastruture and setup in practice including their
implications today - and not in theory only. This is not like and comparable
with the migration from telnet to SSH and even not with SMTP TLS/SSL...
And getting a faked x509 i.e. for mitm is more a question of some money and/or
third party CA securitiy and not at first of secure crypto algos or similiar.
And blocking plaintext http is no feature - it is at max a lack of...
Sorry...
best regards,
Niels.
- ---
Niels Dettenbach
Syndicat IT & Internet
http://www.syndicat.com
-----BEGIN PGP SIGNATURE-----
iQJZBAEBCABDPBxOaWVscyBEZXR0ZW5iYWNoIChTeW5kaWNhdCBJVCAmIEludGVy
bmV0KSA8bmRAc3luZGljYXQuY29tPgUCVWzMLAAKCRANu1qIRZIqRCI8EACgOBnR
b+bcXVnqjjyR9CiPdOpQTQ2/gie2p4ECdhaKcgFna1yn2HBUM6VXw9RZXqnGUtq6
4ItZiiK6xng3osO2xJEBM/316SG5RHX+g2mzmf8qqcI2tmp4okXrAqaxvPgTYuXW
dE5GTabG1np+qIXR3M6gG5xEqjxlsPLr0DPGc+N8XERzR/26vn84lYLhSMdtmm69
dK1jYxMOEEnQFTmkgSa/5AT07NCgmqu6lWGTp/pT8I9vaXnyFnYy79EAHB2rjj4w
5QeUrmxlIGuc6qE4dkE/hn30dQYX1sB7EMMc1AugEw/AFG9XOtp9PYMALXmCPODr
YysImmxmLi3bmOtPmGkJdnUZlCSPkRYAwqBU7Mj3216+y/BJTE+cjeoKGhOtAXK3
eG0m3XDNDY6RYkmg2fbAqsCyjVNIuEp13o70UZVJTbNKxX9WY26Rw/g0GY2Ek33O
OZkb2GvrX69YRsubPY6qr9GzoBEVBBSzaFhepsjpEo6DB1BJIuh/Ud6L5J2RMK6o
4yUoEB5PKH45Zjk2toF5kgFrEK2uEb9xgY/hB4MU1XyMBDNrWfqVNTsah9HIwxPP
4DrWwVWBzOeM+DayEa+cTV4q/5eZD5h61fvl5CtjOJACPTMbaO0s6eySqYpvanjp
DoozGagx1n568TDssO28RSDAL89hEElDjU7lkQ==
=fXAA
-----END PGP SIGNATURE-----