- Dec 2023 ~60 so far
- Nov 2023 ~200
- Oct 2023 ~100
Where does the initial cryptographic verification come from? I’m not arguing that you can’t pin certificates.
There is no way a user can know the website is real the first time it’s visited, without it presenting a verifiable certificate. It would be disastrous to trust the site after the first time you connected. Users shouldn’t need to care about security to get the benefits of it. It should just be seamless.
There are proposals out there to do away with the CAs (Decentralized PKI), but they require adoption by Web clients. Meanwhile, the Web clients (chrome) are often owned by the same companies that own the Certificate Authorities, so there’s no real incentive for them to build and adopt technology that would kill their $100+ million CA industry.
I can’t explain the differences in comment tone, but the differences in votes are understandable. People don’t like to see duplicate posts in their feed.
Personally, if I want to upvote a particular that has a duplicate I’ll always upvote the one with more upvotes. And I’ll usually downvote the other, too. I don’t want to have to open both posts to read the comments, so I’d like the community to align behind one of the two posts as the “real” one.