[cryptography] STARTTLS for HTTP

Tony Arcieri bascule at gmail.com
Tue Aug 19 00:29:38 EDT 2014

Anyone know why this hasn't gained adoption?


I've been watching various efforts at widespread opportunistic encryption,
like TCPINC and STARTTLS in SMTP. It's made me wonder why it isn't used for

Opportunistic encryption could be completely transparent. We don't need any
external facing UI changes for users (although perhaps plaintext HTTP on
port 80 could show a broken lock). Instead, if the server and client
mutually support it, TLS with an unauthenticated key exchange is used.

It seems most modern web browsers and web servers are built with TLS
support. Why not always flip it on if it's available on both sides, even if
it's trivially MitMed?

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140818/7ca07189/attachment.html>

More information about the cryptography mailing list