Firefox

17763 readers

72 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago

MODERATORS

[email protected]

301

Say (an encrypted) hello to a more private internet. | The Mozilla Blog (blog.mozilla.org)

submitted 1 year ago by [email protected] to c/[email protected]

30 comments fedilink hide all child comments

r/privacy

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 21 points 1 year ago (1 children)

As someone knowledgeable on the subject, this was my journey:

Mozilla: "While HTTPS encryts web page contents, many middlemen can still see the URL of the sites you visit."

Me: "Yes, we know this is a problem. It has been for a long time. But if you're adding some kind of complex new solution, it's going to cause issues for..."

Mozilla: "We added public key encryption to DNS."

Me: "Oh shit, that's really smart, and it'll just work."

The brilliance of this move is public key encryption is old and widely supported and DNS is old and universally supported. I think we will see broad support roll out quickly on this one (at least compared to glacial scale of changes across the Internet.)

[–] [email protected] 3 points 1 year ago

This should also be done for CA keys. If ACME can make DNS ownership the source of trust, just let me stuff my own root CA cert in a DNS record and skip the middle man.