This already exists, it's the HTTPS protocol.
HTTPS is made up of a composite of several parts. HTTPS isn’t actually a different thing that you might think. It uses the same top-level layer to communicate with a server. Suggesting that we shouldn’t use HTTPS is suggesting that we shouldn’t use HTTP (maybe we shouldn’t, but that is a different discussion, and not what he brought up).
It's made up loosely of the following (ignoring lower-level components like TCP/IP):
HTTP for the top level layer protocol for communicating with web servers. This is literally just a protocol for how two servers should communicate and what types of requests they support and how to respond.
TLS, the encryption layer that makes the S in HTTPS generally, secures the HTTP link. This hasn’t always been TLS; it used to use SSL, which was deprecated in favor of TLS. TLS has also changed over the years, having a number of versions. The current is TLS 1.2, which is being replaced by TLS 1.3.
TLS can make use of several encryption and hashing algorithms to create a secure connection. These are defined by the IETF (not the NSA), and the protocol version and specification for TLS are open and public, always.
The fact that they chose SHA1 as the hashing algorithm of choice doesn’t mean there’s some NSA conspiracy, and this is why he had such backlash.
There are actually concerns and issues he could have brought up, but he never did. Most comments that have defended his position (to some extent, not completely) bring up issues with HTTPS that he never got into.
I tried telling him as much, but he only seems to reply to things that are in his favor from what I could see.
You can see the entire specification here: https://tools.ietf.org/html/rfc5246
and the proposed draft for TLS 1.3 which is to replace old broken technology with improved technology (something Brian seemed to think doesn’t happen with https?) https://tools.ietf.org/html/draft-ietf-tls-tls13-23
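Added example, not part of the original comment: a sketch of how a TLS 1.2 (RFC 5246) client advertises its algorithm combinations as cipher suite code points in the ClientHello, and how a server picks one. The ClientHello bytes are constructed here (no extensions), the suite table is a small subset of RFC 5246 Appendix A.5, and the function names are hypothetical.

```python
import struct

# Constructed subset of the cipher suite registry in RFC 5246, Appendix A.5.
SUITES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x003D: "TLS_RSA_WITH_AES_256_CBC_SHA256",
    0x006B: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
}

def build_client_hello(suite_ids):
    """Build a constructed TLS 1.2 ClientHello handshake message (sample input)."""
    body = b"\x03\x03" + bytes(32) + b"\x00"  # version 3.3, random, empty session id
    body += struct.pack("!H", 2 * len(suite_ids)) + b"".join(struct.pack("!H", s) for s in suite_ids)
    body += b"\x01\x00"                       # one compression method: null
    return b"\x01" + len(body).to_bytes(3, "big") + body

def parse_client_hello(msg):
    """Return (client_version, [suite ids]); raise ValueError on malformed input."""
    if len(msg) < 4 or msg[0] != 0x01:
        raise ValueError("not a ClientHello handshake message")
    body = msg[4:]
    if int.from_bytes(msg[1:4], "big") != len(body) or len(body) < 35:
        raise ValueError("length field does not match body")
    version = (body[0], body[1])
    pos = 35 + body[34]                       # skip version, random, session id
    if pos + 2 > len(body):
        raise ValueError("missing cipher_suites length")
    (cs_len,) = struct.unpack_from("!H", body, pos)
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher_suites length")
    return version, [struct.unpack_from("!H", body, pos + i)[0] for i in range(0, cs_len, 2)]

def describe(suite_id):
    """Split a suite name into its parts; a trailing SHA means an HMAC-SHA1 record MAC."""
    name = SUITES[suite_id]
    kx, rest = name[4:].split("_WITH_")
    cipher, mac = rest.rsplit("_", 1)
    return {"name": name, "key_exchange": kx, "cipher": cipher, "mac": mac}

def select(offered, server_preference):
    """Server-side choice: the first server-preferred suite the client also offered."""
    return next((s for s in server_preference if s in offered), None)

if __name__ == "__main__":
    _, offered = parse_client_hello(build_client_hello([0x002F, 0x003D, 0x0005]))
    chosen = select(offered, [0x006B, 0x003D, 0x002F])
    print(describe(chosen))
```
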