undefined | Better HN

0 pointsAvamander11mo ago0 comments

> It's that more complex stuff is inherently more prone to security vulnerabilities

That's overly simplifying it and ignores the part where the simple stuff is not secure to begin with.

In the current context you could take a HTTP client with a formally verified TLS stack, would you really say it's inherently more vulnerable than a barebones HTTP client talking to a server over an unencrypted connection? I'd say there's a lot more exposed in that barebones client.

0 comments

g-b-r11mo ago

The alternative of the article was ACME vs other ways of getting TLS certificates, not https vs http.

Of course plain http would be, generally, much more dangerous than a however complex encrypted connection

g-b-r11mo ago

Why the heck was this downvoted

j / k navigate · click thread line to collapse

0 comments

g-b-r11mo ago

The alternative of the article was ACME vs other ways of getting TLS certificates, not https vs http.

Of course plain http would be, generally, much more dangerous than a however complex encrypted connection

g-b-r11mo ago

Why the heck was this downvoted

j / k navigate · click thread line to collapse