> Kevin Chadwick writes: > > The cvs page fingerprint page could be https enabled, however you can > > use googles cache over https, also buy a CD to help the project greatly > > would do far more for world security than TLS everywhere and even look > > at mailing list archives over https as a web of trust. > > > > ISPs snooping is a compelling reason but not enough for me to adopt > > HSTS, a VPN makes more sense. I changed my ISP instead though ;). > > There are valid complaints about HTTPS (generally involving the CA > system, sthen brought some of them up), but some of these responses are > just ridiculous. I mean, really? "ISPs snooping is a compelling reason > but not enough for me to adopt SSH instead of telnet, a VPN makes more > sense." >
If you are going to quote and criticise a comment then you should a.) Get the quote right b.) backup your criticisms What is your problem with it, there are many VPN services promoted precisely for this issue as it completely rather than partially stops ISP's monitoring traffic like TalkTalks homesafe service that is likely hackable itself. HSTS is not telnet?? it is something that I looked into in the early days of it's support and decided that unfortunately I could not deploy it on my site as I believe it still means all of a domain must use https once a browser has been notified for x time period as tracking individual pages would be a huge burden for browsers. > And you would trust signify keys from Google Cache? Come on. Do I trust google... with this yes, as much as OpenBSD especially considering they were acquired over http, of course not and I never said I did. My meaning (if you had actually read my previous thread mails) was that a couple of pages over https would be an improvement but all of OpenBSD.org would be sub optimum. I'm not trying to avoid the NSA. The point is that it's not the biggest issue in the world as you can confirm in various ways like getting them over https as a *second* check and it is hardly likely that a hacker can modify both (same network as openbsd.org) and not get noticed. I'm guessing the NSA avoid getting any snooping noticed btw, unless it's on purpose! -- KISSIS - Keep It Simple So It's Securable
