Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

In my opinion, neither way makes sense.

Some kind of things are just not the things that HTTPS is meant to do and therefore does not do very well. For downloading and uploading files (and forms, etc), HTTP(S) is working, although some other things won't fit very well with it, and are often done in a rather complicated way that still won't fit very well with it.

Client certificates are a feature of TLS, and not of HTTPS; however, since HTTPS is using TLS that means that you can use client certificates with HTTPS too, even though they are not commonly used. (Client certificates are more commonly used with Gemini protocol.)

The article says SSH does not have virtual hosting. HTTP does, and so does TLS (although I think some older versions of TLS do not have virtual hosting), so HTTPS does have that benefit, at least.



> Some kind of things are just not the things that HTTPS is meant to do and therefore does not do very well.

I'm not sure I see what those are anymore. With http2 we got multiplexing with different priorities on streams, with http3/quic we got connection migration. I don't see many usecases where SSH has clear win anymore.

> although I think some older versions of TLS do not have virtual hosting

Virtual hosts came to TLS with SNI, added in 2003. It took a while for it to be reliable though, mainly since IE6 was slow to die.

Virtual hosting with SSH would be very useful for me since I want to run both a git SSH server (in my case gitea) and my normal SSH server as two different services, isolated from each other.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: