2014.04.01 02:13:55 (450788111765610496) from Daniel J. Bernstein, replying to "@landley (@landley)" (450422164856926208):
The unfortunate reality is that most of the people interested in back-dooring crypto libraries can forge HTTPS as easily as HTTP. @landley
2014.03.31 01:59:47 (450422164856926208) from "@landley (@landley)":
So http://nacl.cr.yp.to install is an unsecured http, and if you https that it's a self-signed certificate. Brilliant!