> Fun should be unencrypted.
Five years ago I would totally agree. Now, when you do not want to share your fun thoughts with a border guard; a police person; an AI scavenger; a random jerk -- I would say, having a safe-ish space becomes almost a necessity
I’m not actually suggested anything be un-encrypted. I’m just saying we manage keys on the server not the client. Tls secures the password transaction, then the server issues the client a key and everything works as s@ suggests. If the keys expire or the client loses them, you repeat the login process.