Remix clone Hacker News

If that were true, we would not have Let's Encrypt and tools which can give us certificates in 30 seconds flat once we prove ownership.

The real reason was Snowden. The jump in HTTPS adoption after the Snowden leaks was a virtual explosion; and set HTTPS as the standard for all new services. From there, it was just the rollout. (https://www.eff.org/deeplinks/2023/05/10-years-after-snowden...)

(Edit because I'm posting too fast, for the reply):

> How do you enjoy being dependent on a 3rd party (even a well intentioned one) for being on the internet?

Everyone is reliant on a 3rd party for the internet. It's called your ISP. They also take complaints and will shut you down if they don't like what you're doing. If you are using an online VPS, you have a second 3rd party, which also takes complaints, can see everything you do, and will also shut you down if they don't like what you're doing; and they have to, because they have an ISP to keep happy themselves. Networks integrating with 3rd party networks is literally the definition of the internet.

▲

nottorp 4 days ago | parent | next [-]

How do you enjoy being dependent on a 3rd party (even a well intentioned one) for being on the internet?

Let's Encrypt... Cloudflare... useful services right? Or just another barrier to entry because you need to set up and maintain them?

▲

icedchai 4 days ago | parent [-]

You are always dependent on a 3rd party to some extent: DNS registration, upstream ISP(s), cloud / hosting providers, etc.

▲

nottorp 4 days ago | parent [-]

And now your list has 2 more items in it …

	▲	icedchai 3 days ago \| parent [-]
		Does it? I need to get a cert from somewhere, whether that's Lets Encrypt for free, or some other company that charges $300/year for effectively the same thing.

▲

chromanoid 4 days ago | parent | prev [-]

I dunno. Self-hosting w/o automation was feasible. Now you have to automate. It will lead to a huge amount of link rot or at least something very similar. There will be solutions but setting up a page e2e gets more and more complicated. In the end you want a service provider who takes care of it. Maybe not the worst thing, but what kind of security issues are we talking about? There is still certificate revocation...

▲

icedchai 4 days ago | parent [-]

Have you tried caddy? Each TLS protected site winds up being literally a couple lines in a config file. Renewals are automatic. Unless you have a network / DNS problem, it is set and forget. It is far simpler than dealing with manual cert renewals, downloading the certificates, restarting your web server (or forgetting to...)

▲

chromanoid 4 days ago | parent [-]

Yes, but only for internal stuff. I prefer traefik at the moment. But my point is more about how people use wix over free webspace and so on. While I don't agree with many of Jonathan Blow's arguments, but news like this make me think of his talk "Preventing the collapse of civilization" https://m.youtube.com/watch?v=ZSRHeXYDLko

▲

ikiris 3 days ago | parent [-]

Traefik without certmanager is just as self inflicted a wound. It’s literally designed to handle this for you.

	▲	chromanoid 3 days ago \| parent [-]
		I have to use an internal cert out of my control anyways. For personal projects I switched to web hosters after some bad experience. But I vividly remember setting up my vps as a teen. while I understand the reasoning it's always sad to see those simpler times go away. and sometimes I don't see the reasoning behind and suspect it's because some c-suites don't see big harm, since it ought to make things safer and those people that are left in the dust don't count anyway...