Quad9 DOH HTTP/1.1 Retirement, December 15, 2025
https://quad9.net/news/blog/doh-http-1-1-retirement/
#HackerNews #Quad9 #DOH #HTTP/1.1 #Retirement #December #15 #2025 #Cybersecurity #DNS #Privacy #TechNews
Chewie
boosted
@daniel@gultsch.social
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
I started going to IETF meetings. Those events take place 3 times a year, with ~1000 people attending in person and another ~1000 remotely. A good chunk of those are paid to be there and some are employed by big companies like Apple and Google. This is the place where the fundamental fabric of the internet is constantly being improved. TLS 1.3, HTTP/3, MLS to name a few.
With this in mind I have no fucking clue what Moxie was on about when he said interoperable protocols are stuck in the 1990s.
@daniel@gultsch.social
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.
In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.
So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.
I wouldn't call these as "improvements".
These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.
@lorenzo@snac.bobadin.icu
Debby ⁂📎🐧:disability_flag:
boosted
Chrome to warn on unencrypted HTTP by default
https://security.googleblog.com/2025/10/https-by-default.html
#HackerNews #Chrome #HTTP #Warning #Security #Browser #Update
Write Node.js code in Rust to achieve massive HTTP throughput
https://www.npmjs.com/package/brahma-firelight
#HackerNews #Nodejs #Rust #HTTP #Throughput #Performance #Optimization
alcinnz
boosted
Some things would be easier if certain public HTTP-based APIs supported a (custom) APPEND HTTP-method.
To let users append to an existing file.
⁂
PUT is inefficient for this use case.
PATCH and POST already exist, but what they support is much more generic than this. It is the same way that you could use POST instead of DELETE, PATCH, and PUT; but it is simpler in some ways if you use a separate method for each pattern.
Some things would be easier if certain public HTTP-based APIs supported a (custom) APPEND HTTP-method.
To let users append to an existing file.
⁂
PUT is inefficient for this use case.
PATCH and POST already exist, but what they support is much more generic than this. It is the same way that you could use POST instead of DELETE, PATCH, and PUT; but it is simpler in some ways if you use a separate method for each pattern.
Tim Chambers
boosted
The HTTP-protocol is (also) a de facto layer-4 transport-layer-protocol.
It might have been intended to be a layer-7 application-layer-protocol, but — look at how people are using it.
Applications are built on top of the HTTP-protocol somewhat similarly to how people decades ago would have built applications on top of the TCP-protocol.
Even the Fediverse uses the HTTP-protocol in this way — as a layer-4 transport-layer-protocol.
The HTTP-protocol is (also) a de facto layer-4 transport-layer-protocol.
It might have been intended to be a layer-7 application-layer-protocol, but — look at how people are using it.
Applications are built on top of the HTTP-protocol somewhat similarly to how people decades ago would have built applications on top of the TCP-protocol.
Even the Fediverse uses the HTTP-protocol in this way — as a layer-4 transport-layer-protocol.
alcinnz
boosted
Google more-or-less created 2 new versions of the HTTP protocol — HTTP/2 and HTTP/3 —
But didn't bother make either of them (officially) support UTF-8 in the HTTP request.
Google more-or-less created 2 new versions of the HTTP protocol — HTTP/2 and HTTP/3 —
But didn't bother make either of them (officially) support UTF-8 in the HTTP request.
Stefano Marinelli
boosted
I’ve been using static-web-server to host a local mirror for my machines, and the experience has been excellent.
It’s incredibly fast, lightweight, and easy to run and perfect for those times when you just want to serve files without the overhead of a full web server like Apache.
To make it even simpler for Slackware users, I wrote the https://slackbuilds.org/repository/15.0/network/static-web-server/?search=static-web-server
#slackware #rust #staticwebserver #http
I’ve been using static-web-server to host a local mirror for my machines, and the experience has been excellent.
It’s incredibly fast, lightweight, and easy to run and perfect for those times when you just want to serve files without the overhead of a full web server like Apache.
To make it even simpler for Slackware users, I wrote the https://slackbuilds.org/repository/15.0/network/static-web-server/?search=static-web-server
#slackware #rust #staticwebserver #http
alcinnz
boosted
I have a little computer that would be perfect for self hosting a website. I can get a permanent IP address for it. In the past I would have used aws or similar to register a domain name and direct traffic to it and just serve up http from a linux stack.
I'm interested in what's "best practice" for self hosting today if people have suggestions?
I'm thinking I should put it behind a service like cloudflare and also make it https but I want to remain non-corporate as possible.
I have a little computer that would be perfect for self hosting a website. I can get a permanent IP address for it. In the past I would have used aws or similar to register a domain name and direct traffic to it and just serve up http from a linux stack.
I'm interested in what's "best practice" for self hosting today if people have suggestions?
I'm thinking I should put it behind a service like cloudflare and also make it https but I want to remain non-corporate as possible.
Stefano Marinelli
boosted
Updated my httpd.rocks guide with a small section about implementing Basic HTTP Authentication:
Updated my httpd.rocks guide with a small section about implementing Basic HTTP Authentication: