On Wed, 2024-08-14 at 17:10 -0400, Michael Richardson wrote: > > Most of our issues with TLS and CAs is really the market failure on > the browser side of things. We don't have TLSA/DANE support in > browsers (or IPv6-LL) because we have a lack of choices. I agree. > > We (as a planet) don't understand that we need to spend money on > maintenance of software. The 81% that was Mozilla's take from Google > ought to wake us up. I wonder what the viability would be for a FLOSS/non-profit browser foundation that has a charter that explicitly forbids taking corporate money? One thing that I think could help tremendously would be more modular browser components. Where a browser "distribution" packages up different competing open source parts. The TCP/IP stuff is trivial for a one-man coder to write. It's the CSS/JS/Animation/Render Engine that's really complicated and hard to build without a team.
