"HTTPS Everywhere" forces some changes in the way the Web works that
reduce security. It creates the illusion of security, not the reality.
While it seems a good concept, there's a dark side.
Here's the problem. If everything is encrypted end to end, caching
by ISPs and content delivery ne
On 04/12/14 03:29 PM, John Nagle wrote:
> blah blah blah
tl;dr https can be decrypted by parties that have the private key
1. what does this have to do with https; the same thing applies with http.
2. what does this have to do with https everywhere
3. how is this not 100% self-evident
signatur
