Comment on [deleted]
iopq@lemmy.world 1 year agoIf you connect to the internet through an ISP you can’t trust that either. That’s why we have encryption, you can only block the whole message from appearing completely, you can’t change its contents
vrighter@discuss.tchncs.de 1 year ago
using encryption in this case protects you from the isp messing with your communication to the api provider. The api can still lie to you and encrypt the lie.
iopq@lemmy.world 1 year ago
The API provider similarly can’t sign an encrypted message with a key it doesn’t have