> Some people don't want to be forced to run a bunch of stuff they don't understand on the server

It's not just about not understanding, it's that more complex stuff is inherently more prone to security vulnerabilities, however well you think you reviewed its code.

▲

Avamander 2 days ago | parent [-]

> It's that more complex stuff is inherently more prone to security vulnerabilities

That's overly simplifying it and ignores the part where the simple stuff is not secure to begin with.

In the current context you could take a HTTP client with a formally verified TLS stack, would you really say it's inherently more vulnerable than a barebones HTTP client talking to a server over an unencrypted connection? I'd say there's a lot more exposed in that barebones client.

	▲	g-b-r 2 days ago \| parent [-]
		The alternative of the article was ACME vs other ways of getting TLS certificates, not https vs http. Of course plain http would be, generally, much more dangerous than a however complex encrypted connection