☭
Offering a plain HTTP web site (and FTP server) is not good for security, but good for retro computing
I love how I can connect an unmodified Netscape 4 on a Solaris 7 system to my web site and it'll just work
@vaporeon_ i like that security culture is a thing but the consequences aren’t really talked about enough. TLS can be too much overhead fur embedded devices, fur example (not that it’s obvious to me why you’d want to run an HTTP server on an embedded device)
@aescling Generally, wide-spread TLS is a good thing, but I don't like how it means that a lot of people (including myself, since it's the only gratis way of doing it) have to rely on an American company (Let's Encrypt) for their TLS certificate
And also it's clearly a problem for older systems running older software that doesn't have the newest algorithms and certificates, but I'm not sure how old the system has to be before it starts being a problem
@aescling TBH the internet is very ... centralised seems like the wrong word, but I hope you understand what I mean... in general
To put up a web site, I need to have:
- Globally reachable IP
- Way to pay for things online
- Give my legal name & address to a registrar and pay a sizable amount of money (18€) every year to the registrar
- The registrar presumably pays it to the American company that runs .net
- If I want TLS, which is generally a Good Idea, I must get a certificate from Let's Encrypt, also an American company
And if I want to run my own e-mails, I also would need to either get a static IP from the ISP or to rent a fake computer in someone else's place (so I'm not actually running my e-mails on my own computer)
@aescling I did write an HTTP server running on ESP32, for fun, when I was somewhat younger and more clueless