Firefox

20411 readers

79 users here now

/c/firefox

A place to discuss the news and latest developments on the open-source browser Firefox.

Rules

1. Adhere to the instance rules

2. Be kind to one another

3. Communicate in a civil manner

Reporting

If you would like to bring an issue to the moderators attention, please use the "Create Report" feature on the offending comment or post and it will be reviewed as time allows.

founded 5 years ago

MODERATORS

k_o_t@lemmy.ml

golden_zealot@lemmy.ml

299

Say (an encrypted) hello to a more private internet. | The Mozilla Blog (blog.mozilla.org)

submitted 2 years ago by kixik@lemmy.ml to c/firefox@lemmy.ml

29 comments fedilink hide all child comments

r/privacy

you are viewing a single comment's thread
view the rest of the comments

[–] MajorHavoc@lemmy.world 21 points 2 years ago (1 children)

As someone knowledgeable on the subject, this was my journey:

Mozilla: "While HTTPS encryts web page contents, many middlemen can still see the URL of the sites you visit."

Me: "Yes, we know this is a problem. It has been for a long time. But if you're adding some kind of complex new solution, it's going to cause issues for..."

Mozilla: "We added public key encryption to DNS."

Me: "Oh shit, that's really smart, and it'll just work."

The brilliance of this move is public key encryption is old and widely supported and DNS is old and universally supported. I think we will see broad support roll out quickly on this one (at least compared to glacial scale of changes across the Internet.)

[–] andrew@lemmy.stuart.fun 3 points 2 years ago

This should also be done for CA keys. If ACME can make DNS ownership the source of trust, just let me stuff my own root CA cert in a DNS record and skip the middle man.