Re: Proposed Statement on "HTTPS everywhere for the IETF"
Richard Barnes <rlb@ipv.sx> Tue, 02 June 2015 21:30 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6190A1A002F for <ietf@ietfa.amsl.com>; Tue, 2 Jun 2015 14:30:44 -0700 (PDT)
X-Quarantine-ID: <2q__1NRKaYIg>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BANNED, message contains text/plain,.exe
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2q__1NRKaYIg for <ietf@ietfa.amsl.com>; Tue, 2 Jun 2015 14:30:42 -0700 (PDT)
Received: from mail-la0-f52.google.com (mail-la0-f52.google.com [209.85.215.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C0AB31A0029 for <ietf@ietf.org>; Tue, 2 Jun 2015 14:30:41 -0700 (PDT)
Received: by laei3 with SMTP id i3so47932814lae.3 for <ietf@ietf.org>; Tue, 02 Jun 2015 14:30:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=ry2f4dFdkSeZ8v649yqpBnwwSbenhwfk5uzIB9QNGc0=; b=bAfrDon2cPjEqCRryUj53TWSsaU4wP8aWlJN0Wo9rAXuGw8Jv9R+uKD8dmnTOQDqC6 Gc5bNOAaa8v45Evd1zUTtyogAAs+bnBMQBr3vfe4WBMhsFEPlSy2ucNMHjvWcTf6+ngA 3kXHA7zLhlBkHBgN7oQJhnl+PixCXxCTkS7YA+RhPo9zl+bn4JC0sEIcw+APH6BrS/dZ /FoMXI1XgkZ7fJMkH14h+kEnw5uR8LvNXboD4u+5Rd7gpc//3e6u3V3TpQ5LsgU8B+HY nUeKUSc9OwivQmanWns0dJ2YuNFxwnzcInNYgnmtJWl8t8tND1aBEgF51FKYHtf/seY6 Vlkw==
X-Gm-Message-State: ALoCoQnB5N/1U1RALYsl6wKSRv18eWOoABda++gEDB5eUX2EH+t+N6qZX8FBMWkI5UasyJPwOuJ1
MIME-Version: 1.0
X-Received: by 10.112.118.206 with SMTP id ko14mr28531688lbb.28.1433280640351; Tue, 02 Jun 2015 14:30:40 -0700 (PDT)
Received: by 10.25.214.162 with HTTP; Tue, 2 Jun 2015 14:30:40 -0700 (PDT)
In-Reply-To: <556E1F7C.7060602@isi.edu>
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com> <CAL02cgRPFooA5fVFwvdprb3wPD+Y55pD+7RWjkACDv7T_TBW5Q@mail.gmail.com> <556DE0EF.2040809@isi.edu> <CAL02cgSdSFOaDqz9+jAZ7KsoMXOa5u=ff_i=c3EQ-SG0-ZPG7A@mail.gmail.com> <556DFCF7.3020607@isi.edu> <CAL02cgSOWpV51mQUdmeFwJaDS1fDWfG5Du4tRGgVW8OtvR1z3Q@mail.gmail.com> <556E1F7C.7060602@isi.edu>
Date: Tue, 02 Jun 2015 17:30:40 -0400
Message-ID: <CAL02cgTDXkmUwVHWo2_jrj+Lj4AcxnMUj98V2L4wqLrB9Mf9cw@mail.gmail.com>
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
From: Richard Barnes <rlb@ipv.sx>
To: Joe Touch <touch@isi.edu>
Content-Type: multipart/alternative; boundary="047d7b8738b66e958c05178fa7e7"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/R0MEg2Tl1MDo6UuJCOe3qWGloho>
Cc: "ietf@ietf.org" <ietf@ietf.org>, IETF Announcement List <ietf-announce@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2015 21:30:44 -0000
On Tue, Jun 2, 2015 at 5:26 PM, Joe Touch <touch@isi.edu> wrote: > > > On 6/2/2015 2:19 PM, Richard Barnes wrote: > > > > > > On Tue, Jun 2, 2015 at 2:59 PM, Joe Touch <touch@isi.edu > > <mailto:touch@isi.edu>> wrote: > > > > > > > > On 6/2/2015 11:51 AM, Richard Barnes wrote: > > > > > > > > > On Tue, Jun 2, 2015 at 12:59 PM, Joe Touch <touch@isi.edu <mailto: > touch@isi.edu> > > > <mailto:touch@isi.edu <mailto:touch@isi.edu>>> wrote: > > > > > > On 6/1/2015 10:16 AM, Richard Barnes wrote: > > > > Do it. Do it boldly and fearlessly. Make the statement and > implement it. > > > > > > > ... > > > > Don't be tied to legacy. Anything that doesn't support > HTTPS at this > > > > point needs to upgrade and deserves to be broken. > > > > > > Leaving out the have-nots - or those whose access is blocked > by others > > > when content cannot be scanned - isn't moving forward. > > > > > > > > > [citation-required] > > > > > > Where is this place where the entire HTTPS web is not accessible? > > > > http://en.wikipedia.org/wiki/Censorship_of_Wikipedia > > > > Search for HTTPS. > > > > > > This is all that that search turns up: > > """ > > Chinese authorities started blocking access to the secure (https) > > version of the site on 31 May 2013, although the non-secure (http) > > version is still available – the latter is vulnerable to keyword > > filtering allowing individual articles to be selectively blocked. > > Greatfire urged Wikipedia and users to circumvent the block by using > > https access to other IP addresses owned by Wikipedia. > > """ > > > > If censors want to block the IETF website, they can do it with or > > without HTTPS. > > But that's not what they DID. > > They blocked the activity they couldn't monitor. I would rather not preemptively knuckle under to censorship. If it turns out that we turn on HTTPS and nobody can see it, we can adapt to that fact. --Richard
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Bob Hinden
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Phillip Hallam-Baker
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Paul Wouters
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Baugher (mbaugher)
- Where are the places that block encrypted traffic? Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… S Moonesamy
- Re: Proposed Statement on "HTTPS everywhere for t… John Levine
- Re: Proposed Statement on "HTTPS everywhere for t… Masataka Ohta
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Where are the places that block encrypted tra… Patrik Fältström
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Where are the places that block encrypted tra… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Mark Andrews
- Re: Where are the places that block encrypted tra… Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Where are the places that block encrypted tra… Tim Bray
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Warren Kumari
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Yoav Nir
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Hildebrand
- RE: Proposed Statement on "HTTPS everywhere for t… Christian Huitema
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Benson Schliesser
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell