Re: Where are the places that block encrypted traffic?

Tim Bray <tbray@textuality.com> Wed, 03 June 2015 15:04 UTC

Return-Path: <tbray@textuality.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0B9301A8AA4 for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 08:04:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OvDVqgzAs1on for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 08:04:13 -0700 (PDT)
Received: from mail-yk0-f173.google.com (mail-yk0-f173.google.com [209.85.160.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A01A1A8AAB for <ietf@ietf.org>; Wed, 3 Jun 2015 08:04:11 -0700 (PDT)
Received: by yken206 with SMTP id n206so4482513yke.2 for <ietf@ietf.org>; Wed, 03 Jun 2015 08:04:10 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=tRZ8BVWAJ68PaoNpSxKv84P/hA5ZlqchgkEnPLA4jJk=; b=ak8nGgQ06sTMeg59VMRhIxjN5kklAdIzhzabNmAEnJg6q9XI6UAo7PtVprWkoUoFXn fSK25wPAkxY/4kub3ei3+wOms5BJVCi6fLQ7OyvLAGose/EBYFiTJg/5ftKR/0hXdRw0 4Vt1gzNc/Fyy/+vuR4sE9L5TzQFbm1Ea9Im796E5nRqnpTPj4nkAwt9cWLKswmv+k/Ca COuk7TGz7oC6T1B5QC7QKoSPacf2SpcgVBWwd59aX8L4kQW2HxL6wokDriJRYziormnG W8jADD+GkKAAZitY4N5sQl3Z3cEwxZ2ngOAQ4yFTbd679Xlac9WG3qFMo6hc1aEz4FO2 OEOQ==
X-Gm-Message-State: ALoCoQkNoEEjMWbJSNUarUz1dlACl8O21NshHBrwVIo48rDjhnQnnrE93sUjsGToJtSpSwEJ6uh/
X-Received: by 10.170.217.85 with SMTP id j82mr39591944ykf.25.1433343849609; Wed, 03 Jun 2015 08:04:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.13.204.148 with HTTP; Wed, 3 Jun 2015 08:03:49 -0700 (PDT)
X-Originating-IP: [24.84.235.32]
In-Reply-To: <tslk2vlsf7b.fsf@mit.edu>
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com> <tsllhg3t0ya.fsf_-_@mit.edu> <51432A40-FAC0-4D04-8CD5-20C56DC25FDD@frobbit.se> <2036457.vXnxjqSTLC@gongo> <20150603015444.32B952FD573D@rock.dv.isc.org> <tslk2vlsf7b.fsf@mit.edu>
From: Tim Bray <tbray@textuality.com>
Date: Wed, 3 Jun 2015 08:03:49 -0700
Message-ID: <CAHBU6isLZgD6PuO_584TBnV30hFKps93iF9mHuqZFYm7rdpQow@mail.gmail.com>
Subject: Re: Where are the places that block encrypted traffic?
To: Sam Hartman <hartmans-ietf@mit.edu>
Content-Type: multipart/alternative; boundary=001a1139da2cff518905179e5ee6
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/D4t8Dc1Xkce0EX6OJrWY3KTmu7U>
Cc: IETF-Discussion Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 15:04:15 -0000

I travel  heavily and visit many different kinds of public & private
institutions; and it has been many years since I’ve observed HTTPS
blockage. Even in China, it seems the blockage is more domain-based than
protocol-based.

So yes, I’d like to hear evidence for the claim of protocol blockage.

On Tue, Jun 2, 2015 at 7:23 PM, Sam Hartman <hartmans-ietf@mit.edu> wrote:

> >>>>> "Mark" == Mark Andrews <marka@isc.org> writes:
>
>
> to be clear, none of this is the sort of thing I was looking for.  All
> of this is discussions of parts of the Internet that aren't particularly
> transparent or interested in letting you have open access to large
> portions of the net.
> I don't care if the ietf website is accessible from a hotel before you
> accept the network's terms.
>
> Based on the discussion so far I'd like to see better justification for
> the claim that there are portions of the network that block TLS before
> we make it.
>
>


-- 
- Tim Bray (If you’d like to send me a private message, see
https://keybase.io/timbray)