Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.ar.al/users/aral/statuses/114755575061520553">Aral Balkan (aral@mastodon.ar.al)'s status on Friday, 27-Jun-2025 22:33:06 JST</a><a href="https://mastodon.ar.al/@aral" title="aral@mastodon.ar.al"><img src="https://gnusocial.jp/avatar/4627-48-20250708061101.webp" width="48" height="48" alt="Aral Balkan" style="position: absolute; left: 0; top: 0;">Aral Balkan</a><div><a href="https://infosec.exchange/@ErikvanStraten/114754076728858081" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/279933" title="erikvanstraten@infosec.exchange">Erik van Straten</a></li></ul></div></section><article><p><a href="https://infosec.exchange/@ErikvanStraten">@ErikvanStraten</a> <a href="https://infosec.exchange/@letsencrypt">@letsencrypt</a> Yeah, a security certificate doesn’t guarantee who owns a particular end point,  only that the entity that controls it has access to the private key that was used when the certificate was issued so as to mitigate MITM attacks.</p><p>As far as the Small Web is concerned, that’s a fact of life we have to contend with (I’d much prefer a decentralised system like DANE had succeeded) but I definitely don’t want more hurdles and/or information. You want to be anonymous on your personal site? Go right ahead. There’s no reason to prove that a person quite possible exploring an aspect of themselves at rainbows-and-butterflies.org is actually Jane Someone.</p><p>We just have different use cases, basically.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/5261736#notice-10333135">In conversation</a><time datetime="2025-06-27T22:33:06+09:00" title="Friday, 27-Jun-2025 22:33:06 JST">about 12 days ago</time> <span>from <span><a href="https://mastodon.ar.al/@aral/114755575061520553" rel="external" title="Sent from mastodon.ar.al via ActivityPub">mastodon.ar.al</a></span></span><a href="https://mastodon.ar.al/@aral/114755575061520553">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2454080">Untitled attachment</a></label><br></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/4853664">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Aral Balkan (aral@mastodon.ar.al)'s status on Friday, 27-Jun-2025 22:33:06 JSTAral Balkan
in reply to
- Let's Encrypt
- Erik van Straten
@ErikvanStraten @letsencrypt Yeah, a security certificate doesn’t guarantee who owns a particular end point, only that the entity that controls it has access to the private key that was used when the certificate was issued so as to mitigate MITM attacks.
As far as the Small Web is concerned, that’s a fact of life we have to contend with (I’d much prefer a decentralised system like DANE had succeeded) but I definitely don’t want more hurdles and/or information. You want to be anonymous on your personal site? Go right ahead. There’s no reason to prove that a person quite possible exploring an aspect of themselves at rainbows-and-butterflies.org is actually Jane Someone.
We just have different use cases, basically.
In conversationabout 12 days ago from mastodon.ar.alpermalink
Attachments
1. Untitled attachment
2. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice