Bonum Certa Men Certa

On the Web, HTTPS Has Actually Become a Privacy Problem (Broadcasting Usage/Access to the All-Seeing CA Eye). Geminispace Doesn't Have This Problem.

posted by Roy Schestowitz on Oct 07, 2024

Great White Herons flying over the river just before sunset

Down to 23 capsules: the rapid demise of Certificate Authority (CA) Let's Encrypt in Geminispace

THE Linux Foundation's Certificate Authority continues its rapid decline in Geminispace. It's one heck of a fall.

To quote Lupa today: "This page presents some statistics on the current state of the Gemini space. It has been updated on 2024-10-07 03:04:00Z. [...] 2587 (89.7 %) capsules are self-signed, 23 (0.8 %) use the Certificate Authority Let's Encrypt, 274 (9.5 %) are signed by another CA (may be not a trusted one)."

It's down from about 12% a couple of years ago to just 0.8% right now.

On the Web, HTTPS by default would likely be OK if sites were allowed to sign their own certificates, vouching for their own authenticity rather than outsourcing trust (presenting yet another layer of risk). Over the weekend someone asked: "What about dealing with sites which have self-signed TLS certificates? I think there can be a work-around for that in RRRRRR. The hard part would be fetching the individual certificates for local caching."

In practice, as the Web requires a Web browser or Web client, the Web does not 'support' self-signed TLS certificates. It supports that in theory, but the "modern" browsers have already decided that they're rotten (TLS certificates can never be trusted) and those browsers basically set the "standard". In the command line, curl and wget decided that by default they won't trust that either. Maybe those defaults aren't even possible to bypass anymore. The same is true for some Web/socket libraries in various programming languages; they could in theory facilitate sign-signed certificates and they decided not to. So self-signed TLS certificates, at least in 2024, are for sites inside intranets maybe, not the World Wide Web. In my last job I installed WordPress in that way (this was some years ago). Maybe the latest Chrome and Firefox would no longer accept that, even for some intranets where there's no good reason to exposed usage patterns to CAs outside the intranet.

Well, the situation on the Web keeps getting worse; even intranets are impacted. Companies like Microsoft and Google want a complete log of which domains (or sites) people access and they call that "security", even "privacy". Gemini Protocol does not have this issue. No such pretences. No "eye of Sauron".

Shall we call it the "See Eye A" (CIA)? Or "the All-Seeing CA Eye" (CAI)? Jokes aside, don't believe fake security posers and "clowns" just because they repeat talking points from GAFAM. Their goal isn't security but the opposite.

Other Recent Techrights' Posts

What Microsoft Reputation Laundering (With a Weaponised Law Degree) Looks Like in a Foreign Continent
You would expect this in uncivilised and primitive countries
Slopwatch: LLMs 'Write' Fake or Distorted 'News' About "Linux"
LLM slop disguised as news
Weeks After Microsoft Bankruptcy in Russia the Company Shuts Down in Pakistan, Too
Last month Windows' share in Pakistan fell to an all-time low
Crime and Corruption at Microsoft GitHub Cannot be Covered Up by SLAPPs in Another Continent
We'll write about this for a long time to come
 
The Death of X Has Been Greatly Exaggerated (by Compromised Media)
X.Org Server is alive and well
Rewriting Things in Rust
How far would you go?
In 2025 Everything is "AI". Remember Blockchains?
Talk about what companies and things (services, products, software) actually do, not the labels they use
Julian Assange Has Been Free for a Year
Julian Assange and I disagreed on some things
Monopolies and Scalping
Monopolies gravitate towards price hikes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 04, 2025
IRC logs for Friday, July 04, 2025
Microsoft's August Layoffs Wave: "August is Confirmed for Additional Performance Based Cuts"
"August is confirmed for additional performance based cuts from the recent connects along with additional organizational cuts."
Links 04/07/2025: Google Replaces the Web With Slop, "AI Might Kill Us All"
Links for the day
Gemini Links 04/07/2025: Mindfulness and F1
Links for the day
Rob Musial's June 2025 Additions of Malware in Proprietary Software
Via the GNU Web site this week
Links 04/07/2025: Microsoft's H-1B Visa Applications Show Another Crisis Unfolding, Many More Deep Cuts and Shutdowns Revealed, Complete Microsoft Exits
Links for the day
Gemini Links 04/07/2025: A Day To Remember and "Stop Killing Games"
Links for the day
Slop Videos Are Disappointing Garbage, Nothing New, Just Brute Force up on Display or a Pedestal of Slop
Slop videos aren't a new thing
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, July 03, 2025
IRC logs for Thursday, July 03, 2025
The War on Local Storage (People Hosting Their Files Locally and Privately)
There's nothing wrong with controlling one's computing
What Digital Independence Means
Independence in the digital realms means abandoning platforms like GitHub, not just rejecting proprietary software
NVidia is a Bubble
they temporarily see fortunes and wrongly assume perpetuity thereof
Fedora Does Not Care About Diversity and Inclusion, It's About Optics (Corporate Image)
any notion of inclusion is superficial and misleading
Don't Buy the Excuses for Microsoft's Mass Layoffs
Back in the 90s, Microsoft bought a lot of companies to get and stay ahead
Happy Independence Day to Our American Readers
Maybe tomorrow will be a good opportunity to explain to American people - in terms of concepts, not brands - which tools respect their independence
Slopwatch: Linux Journal, Linuxsecurity, and Google News Getting Even Worse (More Slopfarms Added Which Attack Linux With Bruce-Force SPAM)
Google News is part of the same problem
Links 03/07/2025: More Cuts and Cancellations at Microsoft Revealed
Links for the day
Gemini Links 03/07/2025: Favourite Child and Launching WikiGem
Links for the day
GNU/Linux is Replacing Microsoft Windows. But We Need to Eradicate Microsoft, It's a Hub of Crime.
I have been writing about Microsoft since the 1990s when I was in school
Mystery Surrounding the PCLinuxOS Sites and PCLinuxOS Magazine
Let's hope this isn't something major
People and Companies Do Learn Some Lessons From Their Mistakes (Stubborn Ones Don't)
Brett Wilson LLP is an example of one that would rather drown in mistakes
Links 03/07/2025: 'Hey Hi' Slop Ridiculed Some More and Microsoft's Layoffs Tally for 2025 Reaches About 29,000 in Just 6 Months (Almost 5,000 Per Month)
Links for the day
Microsoft Staff Harassing Women, Strangling Women, Telling Women to Kill Themselves and Worse? Not a Problem!
Two women have left Brett Wilson LLP
The Slopfarms Are Losing the Plot (and Google is Propping Up Rogue Sites)
Google is part of the attack on the Web, on information, and on technology
New BetaNews Realises There's No Potential or Future in Slopfarms, Prior Editor Wayne Williams is Back
They realise that slop (so-called "AI") cannot replace humans
Claims That Microsoft Looks for Staff That Works More and Gets Paid Less (or Can Only Code by Grabbing Other People's Code, Under the Guise of "AI")
People can form their own opinion
Richard Stallman Was Right About Reasons Not to Use Microsoft
last updated 2017
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, July 02, 2025
IRC logs for Wednesday, July 02, 2025
Gemini Links 03/07/2025: No to Cloudflare and Small Web July
Links for the day