RE: Proposed Statement on "HTTPS everywhere for the IETF"

"Tony Hain" <> Wed, 03 June 2015 20:00 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 878F21AD2A4; Wed, 3 Jun 2015 13:00:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.801
X-Spam-Status: No, score=-1.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id a8Bp9wOUtutO; Wed, 3 Jun 2015 13:00:50 -0700 (PDT)
Received: from ( [IPv6:2001:470:e930:1240:20d:56ff:fe04:4c0a]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3E3701B2A84; Wed, 3 Jun 2015 13:00:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=dkim; h=Subject:Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date:In-Reply-To:References:To:From; bh=FqtwWPtAjAkRj7LVecW16A6RUMCVJ4Iwrrlo2IYNSiM=; b=As66dktg8zyzcqFklXPD8MY9AJm4lW0qkedT/RujUS2d0It1V3JWjT5ch5Z9oGRIsq9nrcGDxMgrdzMW192LsP2xmIoJe/b3SJpCvL24QU8fExCaw7ic+PLC23tfyJ9WCJPDB0do3EqIUKjnOdcyWfdYJl5GNBxQwSUh9OVOY/x2x8VR;
Received: from express.tndh.local ([2001:470:e930:1240:20d:56ff:fe04:4c0a] helo=eaglet) by with esmtp (Exim 4.72 (FreeBSD)) (envelope-from <>) id 1Z0Eq1-0002Ts-Ma; Wed, 03 Jun 2015 13:00:45 -0700
From: "Tony Hain" <>
To: <>, "'IETF Announcement List'" <>
References: <>
In-Reply-To: <>
Date: Wed, 3 Jun 2015 13:00:34 -0700
Message-ID: <0ab501d09e37$f4098980$dc1c9c80$>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQEOzNU1RqxCT3Y5GM1VnUp3WH8IOJ8e0ySA
Content-Language: en-us
X-SA-Exim-Connect-IP: 2001:470:e930:1240:20d:56ff:fe04:4c0a
Subject: RE: Proposed Statement on "HTTPS everywhere for the IETF"
X-SA-Exim-Version: 4.2
X-SA-Exim-Scanned: Yes (on
Archived-At: <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 03 Jun 2015 20:00:51 -0000

While I don't object to making the IETF content available via https/tls, this proposed statement reads as political knee-jerk BS that is both unnecessary and uncalled for. What the statement MUST focus on is 'data integrity', and SHOULD NOT stoop to fear mongering over 'privacy'. "It is public data ..." For the very small subset that is truly restricted access, it is fine to acknowledge 'privacy' as a concern, but for the vast majority of the content in question, 'data integrity' is the only real concern. 

As such, I oppose the statement as written. Fix the tone and I will be a strong supporter.


> -----Original Message-----
> From: IETF-Announce [] On Behalf
> Of The IESG
> Sent: Monday, June 01, 2015 9:44 AM
> To: IETF Announcement List
> Subject: Proposed Statement on "HTTPS everywhere for the IETF"
> Hi All,
> The IESG are planning to agree an IESG statement on "HTTPS Everywhere for
> the IETF," please see [1] for the current text.
> We are seeking community feedback on this and welcome assistance from
> the community in identifying any cases where a change or additional
> guidance is needed to put this into effect.
> The IESG plans to finalise this statement just after IETF-93 in Prague.
> * Please send general feedback intended for discussion to
> * Comments about specific issues arising can be sent to or
> as appropriate (use if not sure)
> Regards,
> Terry & Stephen (for the IESG)
> [1]