Now with more sekretz

Daedalusdreams.com is now SSL enabled for your convenience and security.Well… more for mine actually. However, it’s worth noting that you can access it at https://daedalusdreams.com/ and browse to your heart’s content with assurances that nobody aside from me knows what you’re up to.

The entire basis of security and authenticity on the internet is an amazing thing. When you make a request to daedalusdreams.com what assurances do you have that the content you’re getting is actually from me on this domain that I own? None. Anybody in the middle could be intercepting my communication to you and altering it. Which is why we have HTTPS/SSL. When you make a secure request you get this certificate that tells you “yep, we promise that anything coming from this IP is actually daedalusdreams.com”, and to help make sure nothing is modified mid-stream everything you get is also encrypted using that certificate.

So yay right? You now know that it’s me, and it’s really what I’m saying! But who ensures that? The root certificate authority that I used is basically vouching for me. It’s okay, they’re trustworthy right?! Well, sure they are, but how hard did they work to make sure that I am? They emailed me at “webmaster@daedalusdreams.com”. Theoretically since I have access to that email I’m the domain owner, and presto certificato we’re “secure”. (Well, technically I also had to buy a static IP for my domain name since you have to have a permanent address.)

Does the entire thing sound a little shifty to you? Yah, me too. At least my host offers a pretty reasonable price for certificates. The entire industry is sort of a racket, so it’s nice to be able to avoid having to shop around through that mess. The process needs to change however, in order for security on the web to become what it should be. That, however, is an entirely different blog post. For now, we’ll be happy that everything here is nice and tidy, and we’ll worry about the entire future of the internet at a later point.