Re: https at ietf.org

Tim Bray <tbray@textuality.com> Thu, 07 November 2013 17:47 UTC

Return-Path: <tbray@textuality.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABF2311E81B6 for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 09:47:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.922
X-Spam-Level:
X-Spam-Status: No, score=-2.922 tagged_above=-999 required=5 tests=[AWL=0.054, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6iORj09o7WFQ for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 09:47:45 -0800 (PST)
Received: from mail-vb0-f44.google.com (mail-vb0-f44.google.com [209.85.212.44]) by ietfa.amsl.com (Postfix) with ESMTP id 8B9B721F9FB9 for <ietf@ietf.org>; Thu, 7 Nov 2013 09:47:45 -0800 (PST)
Received: by mail-vb0-f44.google.com with SMTP id 11so610261vbe.17 for <ietf@ietf.org>; Thu, 07 Nov 2013 09:47:42 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=bSxkmDDtGxaQHZ2viGa1DCqMKkOvYX+8YDCZeUk/qkk=; b=A8vqg3Hh7/JIT8ZPRS7z+TIbydyZWn5e/vNpkIPEeR+SzWz2Le4MK0g5Tou5M5WaAI g+7Q8J1OjnH8H1k3HOeoyqqZIAPfhIQrED8JTwOv/eeHdKzZOdjKwC/mHHW64J0vaq3C tz8XMQRBVHz0XHxPIuK0utqyo2Lo9h7pEUy2hEyxPDyfX2gbDYZEvFgCpTNMCn+5mT8F VmW+KulnUl9qrW7zIkkeKlF5CM+FWwHaMQs/Hy8D4WeeM8tunxaIFmej3CjB3FEJh95t fA2qtlVuZn9znOgtIYleVoWQZNHmL/GoRz7thR/oiX5gnMJzj3V0gxul0rPqV6B2SJOU Q6zg==
X-Gm-Message-State: ALoCoQllyiH1u5nRhQPH02Sx8NYKWV2YMubccsMPs8f57Y5KKsu+rpOct8HuDk9T3ejlWCkLSuMo
MIME-Version: 1.0
X-Received: by 10.220.144.80 with SMTP id y16mr7667248vcu.4.1383846462793; Thu, 07 Nov 2013 09:47:42 -0800 (PST)
Received: by 10.220.110.134 with HTTP; Thu, 7 Nov 2013 09:47:42 -0800 (PST)
X-Originating-IP: [24.84.235.32]
In-Reply-To: <20131107171900.B41DE18C0E2@mercury.lcs.mit.edu>
References: <20131107171900.B41DE18C0E2@mercury.lcs.mit.edu>
Date: Thu, 07 Nov 2013 09:47:42 -0800
Message-ID: <CAHBU6iu-BKL8-LO6c+RVD_M5psPPsmVCCDZUx-Pv0VuiQm2NEQ@mail.gmail.com>
Subject: Re: https at ietf.org
From: Tim Bray <tbray@textuality.com>
To: Noel Chiappa <jnc@mercury.lcs.mit.edu>
Content-Type: multipart/alternative; boundary="047d7b343974d6be0404ea99dc2f"
Cc: IETF-Discussion Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 17:47:53 -0000

On Thu, Nov 7, 2013 at 9:19 AM, Noel Chiappa <jnc@mercury.lcs.mit.edu>wrote:


> E.g. Wikipedia now insists on sending me to HTTPS: versions of _all_ their
> pages (I guess to protect against a MITM


No, Wikipedia is taking the position that it’s nobody’s business who’s
reading about what, aside from the person doing the reading. For example, a
gay teenager in Uganda can read about potential health problems with
greatly lessened fear of exposure and torture.  I heartily approve. -Tim



> corrupting the content - since the
> content is totally public, I can't figure out what else good they think it
> does - although HTTPS doesn't really do that good a job at that). Problem
> is
> that for one of my browsers, it somehow can't get the certificates right,
> so
> every time I go to Wikipedia I get a zillion pop-ups complaining about
> certificate problems. Irony is, of course, that in some counties the whole
> site is just plain totally blocked.
>
> That's just an _example_ of the downside of 'encrypt everything, all the
> time'.
>
> And I can't wait until national governments start deciding that 'encrypt
> everything, all the time' violates their sovreignty, and they start
> blocking
> encrypted content from crossing their borders...
>
>         Noel
>