indieweb protocols use domains as primary root identities, and use SSL (TLS) and certificate validation to check that they’re communicating with the right domain, and that the communication is secure and private. indieauth, webmention, microsub, etc all build on that core foundation, which lets them provide similar end to end identity and security guarantees without including any encryption, signatures, or key exchange in their own protocols. that’s what i meant by “crypto” and “crypto layer.”
@Khürt i’m guessing you mean you hope everyone uses TLS specifically as the protocol, instead of SSL? sure, obviously. that’s to be expected these days. people still often use the term “SSL” in casual conversation to refer to the broader ecosystem of https, CA-based certificates and verification, browser lock icons, etc, using TLS as the underlying protocol. that’s how i meant it.