| ▲ | Avamander 2 days ago | |
> It's that more complex stuff is inherently more prone to security vulnerabilities That's overly simplifying it and ignores the part where the simple stuff is not secure to begin with. In the current context you could take a HTTP client with a formally verified TLS stack, would you really say it's inherently more vulnerable than a barebones HTTP client talking to a server over an unencrypted connection? I'd say there's a lot more exposed in that barebones client. | ||
| ▲ | g-b-r 2 days ago | parent [-] | |
The alternative of the article was ACME vs other ways of getting TLS certificates, not https vs http. Of course plain http would be, generally, much more dangerous than a however complex encrypted connection | ||