> If someone does that you’ve already been pwned Then why use encryption at all ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jabiko on April 17, 2025 \| parent \| context \| favorite \| on: TLS certificate lifetimes will officially reduce t... > If someone does that you’ve already been pwned Then why use encryption at all when your threat model for encrypted communication can't handle a malicious actor on the network?

mjmas on April 17, 2025 [–]

Because there are various things in HTML and JS that require https.

(Though getting the browser to just assume http to local domains is secure like it already does for http://localhost would solve that)

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact