Remix clone Hacker News

new | show | ask | jobs Github

▲

bullen 2 hours ago

I would say:

1) Use HTTP (secure is not the way to decentralize).

2) Selfhost DNS server (hard to scale in practice).

3) Selfhost SMTP server (also tricky).

4) Know and backup your router (dd-wrt or iptables).

JSON over HTTP is the way.

XML is not bad for certain things too; even if I understand the legacy of abuse.

▲

zrm 2 hours ago | parent | next [-]

> Use HTTP (secure is not the way to decentralize).

This doesn't seem like useful advice. If you're going to use HTTP at all there is essentially zero practical advantage in not using Let's Encrypt.

The better alternative would be to use new protocols that support alternative methods of key distribution (e.g. QR codes, trust on first use) instead of none.

> Selfhost DNS server (hard to scale in practice).

This is actually very easy to do.

▲

bullen an hour ago | parent [-]

Let's Encrypt is not part of our friends here.

DNS is easy for yourself, but if you host it for others (1000+ of people) and it needs to have all domains in the world, then it becomes a struggle.

	▲	zrm 29 minutes ago \| parent [-]
		Let's Encrypt is a non-profit that defeated the certificate cartel. The main thing you get from using HTTP without it is bad security. DNS can answer thousands of queries per second on a Raspberry Pi and crazy numbers on a single piece of old server hardware that costs less than $500.

▲

pixl97 2 hours ago | parent | prev [-]

1) so how do you validate the http the client receives is the http you sent?

▲

forgotmypw17 2 hours ago | parent [-]

Validate it yourself with hashing and PKI. Yes, it needs bootstrapping, just like centralized HTTPS needs bootstrapping.

	▲	bullen 2 hours ago \| parent [-]
		Wow, thanks! Also if people need more food for (decentralized) thought: https://datatracker.ietf.org/doc/html/rfc2289