duckduckgo vs HTTP [was Re: Help building a DOS system for ImageDisk]

(I assume this was in resposne to a response to my response to the duckduckgo note.) It's broken as far as I'm concerned: it renders it unusable for me. I neither have nor want HTTPS support; it provides little-to-nothing I care about - possibly excepting interoperability with things like duckduckgo that insist on refusing to operate over HTTP, and those few aren't _nearly_ enough to make me jump through the hoops necessary to make HTTPS work. (On at least two occasions I've looked at adding HTTPS support to the lynx I use, and in each case I've gotten some four or five levels deep in yak shaving before discovering I needed something ridiculously heavyweight for the purpose, like perl. Someday I may try to find enough documentation to build my own implementation which doesn't depend on crap like that, but so far every time I've looked I've rapidly ended up at pay-to-play "standards", which I of course consider completely unacceptable - indeed, I think the IETF should never have let HTTPS in the door until that was fixed.) TLS is also fundamentally broken, in that what security it provides depends critically on the CA hierarchy, which is laughably broken. (Consider the number of non-Microsoft entities which have obtained certs for microsoft.com - or the wildcard certs used to do things like HTTPS snooping at national borders, the existence of even one of which is a fundamental subversion of the trust model.) /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse at rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B