RE: Proposed Statement on "HTTPS everywhere for the IETF"

"Tony Hain" <alh-ietf@tndh.net> Wed, 03 June 2015 20:00 UTC

Return-Path: <alh-ietf@tndh.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 878F21AD2A4; Wed, 3 Jun 2015 13:00:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.801
X-Spam-Level:
X-Spam-Status: No, score=-1.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a8Bp9wOUtutO; Wed, 3 Jun 2015 13:00:50 -0700 (PDT)
Received: from express.tndh.net (express.tndh.net [IPv6:2001:470:e930:1240:20d:56ff:fe04:4c0a]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E3701B2A84; Wed, 3 Jun 2015 13:00:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tndh.net; s=dkim; h=Subject:Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:Date:In-Reply-To:References:To:From; bh=FqtwWPtAjAkRj7LVecW16A6RUMCVJ4Iwrrlo2IYNSiM=; b=As66dktg8zyzcqFklXPD8MY9AJm4lW0qkedT/RujUS2d0It1V3JWjT5ch5Z9oGRIsq9nrcGDxMgrdzMW192LsP2xmIoJe/b3SJpCvL24QU8fExCaw7ic+PLC23tfyJ9WCJPDB0do3EqIUKjnOdcyWfdYJl5GNBxQwSUh9OVOY/x2x8VR;
Received: from express.tndh.local ([2001:470:e930:1240:20d:56ff:fe04:4c0a] helo=eaglet) by express.tndh.net with esmtp (Exim 4.72 (FreeBSD)) (envelope-from <alh-ietf@tndh.net>) id 1Z0Eq1-0002Ts-Ma; Wed, 03 Jun 2015 13:00:45 -0700
From: "Tony Hain" <alh-ietf@tndh.net>
To: <ietf@ietf.org>, "'IETF Announcement List'" <ietf-announce@ietf.org>
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com>
In-Reply-To: <20150601164359.29999.35343.idtracker@ietfa.amsl.com>
Date: Wed, 3 Jun 2015 13:00:34 -0700
Message-ID: <0ab501d09e37$f4098980$dc1c9c80$@tndh.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQEOzNU1RqxCT3Y5GM1VnUp3WH8IOJ8e0ySA
Content-Language: en-us
X-SA-Exim-Connect-IP: 2001:470:e930:1240:20d:56ff:fe04:4c0a
X-SA-Exim-Mail-From: alh-ietf@tndh.net
Subject: RE: Proposed Statement on "HTTPS everywhere for the IETF"
X-SA-Exim-Version: 4.2
X-SA-Exim-Scanned: Yes (on express.tndh.net)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/JWd3Ve89DP4p4QWXpKbQdvquGgo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 20:00:51 -0000

While I don't object to making the IETF content available via https/tls, this proposed statement reads as political knee-jerk BS that is both unnecessary and uncalled for. What the statement MUST focus on is 'data integrity', and SHOULD NOT stoop to fear mongering over 'privacy'. "It is public data ..." For the very small subset that is truly restricted access, it is fine to acknowledge 'privacy' as a concern, but for the vast majority of the content in question, 'data integrity' is the only real concern. 

As such, I oppose the statement as written. Fix the tone and I will be a strong supporter.

Tony


> -----Original Message-----
> From: IETF-Announce [mailto:ietf-announce-bounces@ietf.org] On Behalf
> Of The IESG
> Sent: Monday, June 01, 2015 9:44 AM
> To: IETF Announcement List
> Subject: Proposed Statement on "HTTPS everywhere for the IETF"
> 
> Hi All,
> 
> The IESG are planning to agree an IESG statement on "HTTPS Everywhere for
> the IETF," please see [1] for the current text.
> 
> We are seeking community feedback on this and welcome assistance from
> the community in identifying any cases where a change or additional
> guidance is needed to put this into effect.
> 
> The IESG plans to finalise this statement just after IETF-93 in Prague.
> 
> * Please send general feedback intended for discussion to ietf@ietf.org
> 
> * Comments about specific issues arising can be sent to iesg@ietf.org or
> tools-discuss@ietf.org as appropriate (use iesg@ietf.org if not sure)
> 
> Regards,
> Terry & Stephen (for the IESG)
> 
> [1] https://trac.tools.ietf.org/group/iesg/trac/wiki/HttpsEverywhere