Re: https at ietf.org

t.p. <daedulus@btconnect.com> Thu, 07 November 2013 18:21 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4859B11E8208 for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 10:21:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.583
X-Spam-Level:
X-Spam-Status: No, score=-3.583 tagged_above=-999 required=5 tests=[AWL=0.016, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5hAZygjkm+Yo for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 10:21:10 -0800 (PST)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe004.messaging.microsoft.com [216.32.180.14]) by ietfa.amsl.com (Postfix) with ESMTP id 2353D11E8282 for <ietf@ietf.org>; Thu, 7 Nov 2013 10:20:01 -0800 (PST)
Received: from mail128-va3-R.bigfish.com (10.7.14.234) by VA3EHSOBE014.bigfish.com (10.7.40.64) with Microsoft SMTP Server id 14.1.225.22; Thu, 7 Nov 2013 18:20:00 +0000
Received: from mail128-va3 (localhost [127.0.0.1]) by mail128-va3-R.bigfish.com (Postfix) with ESMTP id 4ED98200381; Thu, 7 Nov 2013 18:20:00 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:157.56.249.85; KIP:(null); UIP:(null); IPV:NLI; H:AMSPRD0710HT001.eurprd07.prod.outlook.com; RD:none; EFVD:NLI
X-SpamScore: -9
X-BigFish: PS-9(zz98dI9371Ic89bh1b0bI542I1432Ibc68ozz1f42h2148h208ch1ee6h1de0h1fdah2073h2146h1202h1e76h20f7h1d1ah1d2ah1fc6hzz1de098h1033IL8275bh8275dh1de097hz2dh2a8h5a9h839h93fhd24hf0ah1177h1179h1288h12a5h12a9h12bdh137ah139eh13b6h1441h1504h1537h162dh1631h1758h17f1h184fh1898h18e1h1946h19b5h19ceh1ad9h1b0ah2222h224fh1d0ch1d2eh1d3fh1dfeh1dffh1e1dh1e23h2218h2216h304l1d11m1155h)
Received: from mail128-va3 (localhost.localdomain [127.0.0.1]) by mail128-va3 (MessageSwitch) id 1383848398673139_17470; Thu, 7 Nov 2013 18:19:58 +0000 (UTC)
Received: from VA3EHSMHS032.bigfish.com (unknown [10.7.14.230]) by mail128-va3.bigfish.com (Postfix) with ESMTP id 92B411800D4; Thu, 7 Nov 2013 18:19:58 +0000 (UTC)
Received: from AMSPRD0710HT001.eurprd07.prod.outlook.com (157.56.249.85) by VA3EHSMHS032.bigfish.com (10.7.99.42) with Microsoft SMTP Server (TLS) id 14.16.227.3; Thu, 7 Nov 2013 18:19:58 +0000
Received: from DB3PRD0210HT004.eurprd02.prod.outlook.com (157.56.253.69) by pod51017.outlook.com (10.255.160.164) with Microsoft SMTP Server (TLS) id 14.16.371.2; Thu, 7 Nov 2013 18:19:45 +0000
Message-ID: <089501cedbe5$997505a0$4001a8c0@gateway.2wire.net>
From: "t.p." <daedulus@btconnect.com>
To: Tim Bray <tbray@textuality.com>
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com><alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com><01P0FR4HDQNG00004G@mauve.mrochek.com><CAHBU6ivZS33r4HHbCC391Ug9fMtZkJ3nojEeeqH5L+0+o3ZqGQ@mail.gmail.com><01P0FU0CS96Q00004G@mauve.mrochek.com><26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com><01P0GHJKW8PY00004G@mauve.mrochek.com><20131107045629.GE21546@besserwisser.org><01P0HBB3DIIC00004G@mauve.mrochek.com><20131107080102.GF21546@besserwisser.org><01P0HZY6YB9O00004H@mauve.mrochek.com> <CAHBU6iuW6OajgLK0HOY2i-ewAHy0dX7iaarQykq3PWsn00m0aQ@mail.gmail.com>
Subject: Re: https at ietf.org
Date: Thu, 07 Nov 2013 18:17:14 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Originating-IP: [157.56.253.69]
Content-Transfer-Encoding: quoted-printable
X-OriginatorOrg: btconnect.com
X-FOPE-CONNECTOR: Id%0$Dn%*$RO%0$TLS%0$FQDN%$TlsDn%
Cc: IETF-Discussion Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 18:21:15 -0000

----- Original Message -----
From: "Tim Bray" <tbray@textuality.com>
To: <ned+ietf@mauve.mrochek.com>
Cc: "Måns Nilsson" <mansaxel@besserwisser.org>; "Ned Freed"
<ned.freed@mrochek.com>; "IETF-Discussion Discussion" <ietf@ietf.org>;
"Eric Burger" <eburger@standardstrack.com>
Sent: Thursday, November 07, 2013 5:45 PM
On Thu, Nov 7, 2013 at 8:54 AM, <ned+ietf@mauve.mrochek.com> wrote:

>
> > The trust that the
> > Government(s) will only tap the traffic of those that are a grave
concern
> > to their security interests has completely vanished.
>
> That doesn't trump the need for access to our materials to be as open
as
> possible.
>

Hmm, what does “open” mean? Maximally accessible technologically, or
maximally accessible without any worry about who might be watching?  The
answer isn’t obvious at all.

<tp>

To me it is obvious, that it is technological access that comes first
e.g. RFC in plain text, e-mails in plain text, e-mails kept short,
unrestricted access to the mailing lists and to the mail archives, basic
protocols (FTP, SMTP) and so on.

Our Introduction says
"The IETF is completely open to newcomers."
Well, open to those who have an adequate level of technology and that we
should keep as low as is practicable.  Demand something more - TLS, CMS,
IMAP etc - and you will start to cut people off from our work.

Keeping what you are doing hidden, from your boss, the police, the
government, your family etc, that comes second.

Tom Petch







This is a discussion that needs to happen at much greater length and
depth,
and outside not just inside the IETF community.  But, FYI, there are a
substantial number of people who feel like the sane response to
pervasive
surveillance is pervasive encryption.  And if you encrypt “only the
controversial stuff”, you make encryption itself controversial, and its
use
a red flag for those currently attacking the Internet.  So; I don’t
think
I’m insane, or even unreasonably paranoid, but I do think it would be a
very good thing, and would maximize the general usefulness of our
resources, if we switched all public-facing IETF resources to
HTTPS-only.

I’m perfectly aware that there are those who disagree.

 -T



>
>                                 Ned
>