Hacker News new | past | comments | ask | show | jobs | submit login

1) Why not implement passive encryption? Like StartTLS in SMTP? No need for HTTPS; could be part of HTTP/2 over port 80.

2) Pinning?

3) No, let's not do that. I want to be able to access my sites from my 2-year old devices that don't support SNI, like Android 2.3.




Do you really care about accessing sites with 10-year-old mobile devices using only stock apps (emphasis: long term)?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: