Re: Proposed Statement on "HTTPS everywhere for the IETF"

"Cullen Jennings (fluffy)" <fluffy@cisco.com> Wed, 03 June 2015 20:32 UTC

Return-Path: <fluffy@cisco.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C52361A8974 for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 13:32:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -114.511
X-Spam-Level:
X-Spam-Status: No, score=-114.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v_jTMWydNOVX for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 13:32:43 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61DBF1A8958 for <ietf@ietf.org>; Wed, 3 Jun 2015 13:32:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=992; q=dns/txt; s=iport; t=1433363563; x=1434573163; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=876AJPbYy91twwpJRYrj9nIUSy2jFYC0sL/yV82r3ZY=; b=kJU3d7LdAEMga1G3LHOtETAlOU+zJNAyOOpgEuX6jp965bns0v66k7so i85U+qn/jyYRlXDFsxQU2jbe1upK9yDRQcFGbZ/SxQBynLMu6Zgu/8Pop 7jZwq3c8vILwbRp/ToLA9VuEiYnAOdVXKGvb+PclY5SOctho+zFTUm3bA w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AnBQAeZG9V/4wNJK1bgxBUXgbGLAKBRzsRAQEBAQEBAYEKhCIBAQEDATo/BQsCAQgYHhAyJQIEDgWIJQjbZwEBAQEBAQEBAQEBAQEBAQEBAQEBAReLQ4RTMweDF4EWAQSTFIsfl0QkYYMXb4FGgQEBAQE
X-IronPort-AV: E=Sophos;i="5.13,548,1427760000"; d="scan'208";a="545836"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by rcdn-iport-5.cisco.com with ESMTP; 03 Jun 2015 20:32:36 +0000
Received: from xhc-rcd-x04.cisco.com (xhc-rcd-x04.cisco.com [173.37.183.78]) by alln-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id t53KWZ8d019490 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 3 Jun 2015 20:32:35 GMT
Received: from xmb-aln-x02.cisco.com ([169.254.5.166]) by xhc-rcd-x04.cisco.com ([173.37.183.78]) with mapi id 14.03.0195.001; Wed, 3 Jun 2015 15:32:35 -0500
From: "Cullen Jennings (fluffy)" <fluffy@cisco.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
Thread-Topic: Proposed Statement on "HTTPS everywhere for the IETF"
Thread-Index: AQHQnjppynxSJqF4YEG7xqNSqlsiAp2bkDWA
Date: Wed, 3 Jun 2015 20:32:34 +0000
Message-ID: <6CB49D13-740A-4B58-B638-5F277645AAB1@cisco.com>
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com> <543B4D57-C84C-49B7-B108-827333434F72@cisco.com> <556F6103.2090608@cs.tcd.ie>
In-Reply-To: <556F6103.2090608@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.20.249.165]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <CB8E5175C6213740A0FDF22EE9C9D1D3@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/DNSQwVcfttyuitFxTQebmy3ieJ0>
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 20:32:44 -0000

> On Jun 3, 2015, at 2:18 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
> 
> 
> Hiya,
> 
> On 03/06/15 19:31, Cullen Jennings (fluffy) wrote:
>> 
>> This is too little too late.
>> 
>> This wishy washy "we believe in security but don't like to actually
>> use it ourselves" is not the leadership IETF should be providing to
>> the internet. The internet has already been harmed by too many years
>> of security that is not turned on.
>> 
>> Take a hum at next plenary and find out if people want the IETF to
>> actually use security or not.
> 
> Or we can put this in place and then measure who continues to access
> in clear and see what that tells us.

I suspect it will largely be in the clear. But I see the leaders encrypting, I wish we were leading. 

> 
> Maybe a hum at a plenary is a bit too large a hammer to bring out for
> this fairly modest nail.
> 
> S.
> 

Fair enough. I'll leave the bike shed alone :-)