| ▲ | sugarpimpdorsey 4 days ago | |
> That said, it remains a perpetual struggle to get people to understand the difference between being connected to the legitimate operator of satan.example That's because the browser implementers gave up on trying to solve the identity problem. It's too difficult they said, we'd rather push other things. Google implemented certificate pinning in Chrome for themselves and a few friends, said fuck everyone else, and declared the problem solved. Who cares about everyone else when your own properties are protected and you control the browser? Meanwhile the average user has no idea what a certificate does, whether it does or doesn't prove identity. No wonder they removed the lock icon from the browser. | ||
| ▲ | ameliaquining 3 days ago | parent [-] | |
How would you propose that it should work? | ||