Re: https at ietf.org

Ted Lemon <Ted.Lemon@nominum.com> Wed, 06 November 2013 14:10 UTC

From: Ted Lemon <Ted.Lemon@nominum.com>
To: Dave Cridland <dave@cridland.net>
Subject: Re: https at ietf.org
Date: Wed, 06 Nov 2013 14:09:50 +0000
Cc: IETF-Discussion Discussion <ietf@ietf.org>, Eric Burger <eburger@standardstrack.com>

On Nov 6, 2013, at 3:39 AM, Dave Cridland <dave@cridland.net> wrote:
> On Wed, Nov 6, 2013 at 11:28 AM, Eric Burger <eburger@standardstrack.com> wrote:
>> How does the use of HTTPS restrict who can participate in the IETF? That is like saying that because we no longer offer Gopher, we have closed off participation to some (possibly null) set of Internet users.
> Requiring HTTPS, particularly with reasonable cipher suites, might restrict use from certain jurisdictions.

I assume that what we want is a mechanism for authenticating the content; in this case there is no need to encrypt the content. We are just talking about HTTPS because no mechanism exists to do the one without the other. So the problem you are talking about, which I agree is real, is simply evidence of a missing feature; maybe that is where this debate ought to go.