Because you need a way to be reachable over HTTPS
Feels like this is the core key to be changed. Something like Debian’s packaging system for example, which doesn’t even need the Debian domain to be HTTPS.
Because you need a way to be reachable over HTTPS for other instances to be able to securely send you updates (new posts/comments/votes etc.), so you need a trusted certificate. While HTTPS does not strictly require a domain name^1^ it vastly simplifies the process.
^1^: It’s possible to get a trusted certificate for an IP address, but not nearly as easy as getting one for a domain. And it’s probably also more expensive than just getting a domain and using Let’s Encrypt to get a certificate.
nintendiator@feddit.cl 1 year ago
themoonisacheese@sh.itjust.works 1 year ago
They don’t need it per se but there’s a reason apt-transport-https is a very popular package.
kratoz29@lemmy.world 1 year ago
How does this works then?
nintendiator@feddit.cl 1 year ago
Dunno the exacts, but why not the good ol’ GPG? You only need to be able to exchange keys out-of-band once, and it saves you from lots of other issues. Trust between Alice and Brian is a between-them thing, and should not depend on a thrid party like Caroline arbitrarily deciding to change Brian’s legal name to Brandon.
WhoRoger@lemmy.world 1 year ago
Makes sense, thanks.