Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> proxies can unwrap HTTPS

They cannot get at the plaintext without a certificate warning (or installing a certificate in the user's browser beforehand).



They cannot get at the plaintext without a certificate warning (or installing a certificate in the user's browser beforehand).

Which will get clicked through anyway, so, uh, the security is kinda moot. =)


I don't know why you were downvoted for this, it's a very cogent point— most users would probably click through a big red screen that says "DO NOT VISIT THIS WEB SITE!" We need to be thinking of them when we design our security model.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: