On Wed, Feb 12, 2025 at 9:58 AM Jack Bates <jba...@paradoxnetworks.net> wrote: > The software has no concept of what the data is
Which is why the software shouldn't be making a hard decision about appropriate cryptography. The users on the two ends, the folks who do know what the data is, should have the final say. The software should set sensible defaults and then let those users decide what to do about the large and growing gap of failure between the current default and the often still allowed unencrypted plain text. That "curl https://enemieslist.com"; returns a fault is not unreasonable. That "curl --insecure https://enemieslist.com"; also fails reflects faulty thinking on the part of alleged security experts. My personal pain point is out of band access to older servers. They're well past the manufacturer's maintenance so there are no more software updates. I can use nice modern VPN software to secure the channel between me and their LAN, but I have to maintain obsolete versions of web browsers and their dependent libraries along with obsolete versions of Java because the modern ones won't connect. I'd rather have less obsolete bug ridden software around, but the self-appointed security experts have stolen that choice from me. Regards, Bill Herrin -- William Herrin b...@herrin.us https://bill.herrin.us/
