this post was submitted on 02 Jul 2024
706 points (97.3% liked)

Asklemmy

43940 readers
827 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] KillingTimeItself@lemmy.dbzer0.com -1 points 4 months ago (1 children)

it depends on the application, if you're just serving a static site, or talking on a public chatforum, yeah encryption is pointless.

If you're talking an SSH tunnel? Yeah no this is stupid.

[โ€“] frezik@midwest.social 4 points 4 months ago* (last edited 4 months ago) (1 children)

Encryption everywhere isn't about the individual content. By making it ubiquitous, it's harder for bad actors to separate the encrypted data they want from the one's they don't. If only special content is encrypted, then just the fact that it's encrypted is a flag for them. It also makes it much harder to ban. It's pretty much impossible to ban the algorithms in TLS at this point. Too much depends on it.

[โ€“] KillingTimeItself@lemmy.dbzer0.com 1 points 4 months ago (1 children)

it's a good thing the entirety of https traffic has encrypted headers than...

Regardless, if it's properly encrypted it doesn't matter if they have it, and are able to confirm who it's from, unless we're talking about a governmental agency or an org with access to one of those mythical quantum computers. In which case it's probably a significant portion of future security.

[โ€“] frezik@midwest.social 1 points 4 months ago

TLS already has algorithms hardened against QC. The effects of QC against encryption are greatly exaggerated, anyway. The number of qubits that would be needed to break encryption may be too large to ever be feasible.

Get IPv6 going and stuff like SNI becomes unnecessary.