Re: Proposed Statement on "HTTPS everywhere for the IETF"
Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 01 June 2015 20:15 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97ABA1A904B for <ietf@ietfa.amsl.com>; Mon, 1 Jun 2015 13:15:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xYYSbRlpwzmB for <ietf@ietfa.amsl.com>; Mon, 1 Jun 2015 13:15:16 -0700 (PDT)
Received: from mail-pd0-x236.google.com (mail-pd0-x236.google.com [IPv6:2607:f8b0:400e:c02::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0487C1B3397 for <ietf@ietf.org>; Mon, 1 Jun 2015 13:15:16 -0700 (PDT)
Received: by pdbqa5 with SMTP id qa5so115538174pdb.0 for <ietf@ietf.org>; Mon, 01 Jun 2015 13:15:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=b7c/Bj+SVyRuoLrSly2br+InX2O1lOknpAtGRrvgrWI=; b=r8uCOrUQ0ikWZ6IQMRIvXmAp4OeewdhxcxoKzwS1zBhHxBXpX/ea9yTPhWiBm10eoN Z3BVXqRWH2VbmpMEAisQ69VhLsCVM0550yC/lcmkvP8rznN3SwzbFYYIqfVDhGJJkL2R 1lu2j8cgEAmeX7IDn7qunjr8ODe33EJh/MY3CwAqQ3q/EEocC7uNhgMYvZDsHFNkd62J vzVSvSTFaaxokK/6fXLA95k/1Nl23rTyxFY7919Dz2xfM7uQPdRe8gXWNhboCiVW24Rt 7ymIefdAfCc3wChFxh3Ka4EGsrvT0KT8vgXOh8DrtkY6go97iApiZ3k4TxDDpMFUOvNx 0Wdw==
X-Received: by 10.68.161.99 with SMTP id xr3mr5942779pbb.47.1433189715600; Mon, 01 Jun 2015 13:15:15 -0700 (PDT)
Received: from ?IPv6:2406:e007:5b56:1:28cc:dc4c:9703:6781? ([2406:e007:5b56:1:28cc:dc4c:9703:6781]) by mx.google.com with ESMTPSA id qo1sm13829897pbc.89.2015.06.01.13.15.12 for <ietf@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 01 Jun 2015 13:15:13 -0700 (PDT)
Message-ID: <556CBD4A.9030708@gmail.com>
Date: Tue, 02 Jun 2015 08:15:06 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com>
In-Reply-To: <20150601164359.29999.35343.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/Pq_hPj_8xz6z9l6eQes_P0qwoqg>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2015 20:15:17 -0000
Hi, I think this is reasonable. However, it seems necessary to qualify it by pointing out that users of HTTPS remain exposed to traffic analysis (e.g. see https://arxiv.org/pdf/1403.0297). Brian On 02/06/2015 04:43, The IESG wrote: > Hi All, > > The IESG are planning to agree an IESG statement on "HTTPS Everywhere > for the IETF," please see [1] for the current text. > > We are seeking community feedback on this and welcome assistance > from the community in identifying any cases where a change or > additional guidance is needed to put this into effect. > > The IESG plans to finalise this statement just after IETF-93 in Prague. > > * Please send general feedback intended for discussion to ietf@ietf.org > > * Comments about specific issues arising can be sent to iesg@ietf.org > or tools-discuss@ietf.org as appropriate (use iesg@ietf.org if not sure) > > Regards, > Terry & Stephen (for the IESG) > > [1] https://trac.tools.ietf.org/group/iesg/trac/wiki/HttpsEverywhere > > . >
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Bob Hinden
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Phillip Hallam-Baker
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Paul Wouters
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Baugher (mbaugher)
- Where are the places that block encrypted traffic? Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… S Moonesamy
- Re: Proposed Statement on "HTTPS everywhere for t… John Levine
- Re: Proposed Statement on "HTTPS everywhere for t… Masataka Ohta
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Where are the places that block encrypted tra… Patrik Fältström
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Where are the places that block encrypted tra… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Mark Andrews
- Re: Where are the places that block encrypted tra… Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Where are the places that block encrypted tra… Tim Bray
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Warren Kumari
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Yoav Nir
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Hildebrand
- RE: Proposed Statement on "HTTPS everywhere for t… Christian Huitema
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Benson Schliesser
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell