Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Would you also make TLS opt-in for each website?


TLS is opt-in for each website. If a web server doesn't specifically listen with a TLS certificate, users don't connect with one.

Browsers will often attempt that connection, and then tell the user ~"Hey we tried to connect with HTTPS, but the server didn't respond. Do you want to try an unencrypted connection"

But there's no case where Chrome will look and see "oh look, akerl has published a cert on this other site, we're going to just send traffic encrypted to that cert when we connect to his website".


KOO is opt-in for each recipient. The recipient has to upload a key to KOO.

Obviously, OpenPGP works differently from TLS, and TLS does not have a concept of key servers - but key servers are absolutely not a new invention for OpenPGP, and it shouldn't be surprising that if you upload your key to one, you might get an encrypted email.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: