[HN Gopher] Avoiding Internet Centralization
       ___________________________________________________________________
        
       Avoiding Internet Centralization
        
       Author : johndbeatty
       Score  : 7 points
       Date   : 2021-12-09 17:10 UTC (5 hours ago)
        
 (HTM) web link (mnot.github.io)
 (TXT) w3m dump (mnot.github.io)
        
       | superkuh wrote:
       | > 5.2. Encrypt, Always: When deployed at scale, encryption can be
       | an effective technique to reduce many inherited centralization
       | risks. ...
       | 
       | The problem here is the word "Always". Encryption is good for
       | just the reasons they say. But _only_ encryption, _always_
       | encryption, not having an option for plain text is highly
       | centralizing in itself. This is because the current status quo
       | for encryption is to use TLS based on certificate authorities.
       | And CAs are always highly centralized and highly centralizing.
       | 
       | If Lets Encrypt ever goes corrupt like dot Org did it would cause
       | an incredible amount of trouble and that entity would have power
       | over a large portion of the web, if not the entire internet.
       | There's an easy solution to this though. Don't throw alway plain
       | protocls. Plain and TLS wrapped are synergistic. Use both.
       | There's no need for, and it is damaging, to always encrypt
       | without an option for plain text.
       | 
       | A hypothetical downgrade attack is not an excuse for using _only_
       | highly centralized TLS CA based protocols in this context.
        
       ___________________________________________________________________
       (page generated 2021-12-09 23:00 UTC)