Re: Proposed Statement on "HTTPS everywhere for the IETF"

Joe Touch <touch@isi.edu> Wed, 03 June 2015 17:15 UTC

Return-Path: <touch@isi.edu>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A0741A912C for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 10:15:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qp7-hOoOv_Rh for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 10:15:42 -0700 (PDT)
Received: from nitro.isi.edu (nitro.isi.edu [128.9.208.207]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DCA861ACD05 for <ietf@ietf.org>; Wed, 3 Jun 2015 10:15:41 -0700 (PDT)
Received: from [192.168.1.14] (pool-71-103-148-202.lsanca.dsl-w.verizon.net [71.103.148.202]) (authenticated bits=0) by nitro.isi.edu (8.13.8/8.13.8) with ESMTP id t53HFDW8004271 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Wed, 3 Jun 2015 10:15:24 -0700 (PDT)
Message-ID: <556F3620.4020509@isi.edu>
Date: Wed, 03 Jun 2015 10:15:12 -0700
From: Joe Touch <touch@isi.edu>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Xiaoyin Liu <xiaoyin.l@outlook.com>, Richard Barnes <rlb@ipv.sx>
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com> <CAL02cgRPFooA5fVFwvdprb3wPD+Y55pD+7RWjkACDv7T_TBW5Q@mail.gmail.com> <556DE0EF.2040809@isi.edu> <CAL02cgSdSFOaDqz9+jAZ7KsoMXOa5u=ff_i=c3EQ-SG0-ZPG7A@mail.gmail.com> <556DFCF7.3020607@isi.edu>, <CAL02cgSOWpV51mQUdmeFwJaDS1fDWfG5Du4tRGgVW8OtvR1z3Q@mail.gmail.com>, <556E1F7C.7060602@isi.edu> <BAY180-W795EFCE21D687DA0B50957FFB40@phx.gbl>
In-Reply-To: <BAY180-W795EFCE21D687DA0B50957FFB40@phx.gbl>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-MailScanner-ID: t53HFDW8004271
X-ISI-4-69-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/bGWxdgRqxt_8AcNMOD15ZQkHo14>
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 17:15:43 -0000


On 6/3/2015 1:51 AM, Xiaoyin Liu wrote:
...
> Actually the Wikimedia Foundation is considering forcing
> HTTPS for every Wikipedia visitors, even if the censorship of Wikipedia
> exists.[2]
...
> [2] https://phabricator.wikimedia.org/T49832#1240760

You're pointing to a discussion that hasn't reached resolution, not an
announced policy change.

There could be good reasons for users to want to use private access (to
hide what they're looking for or the response). But we shouldn't be
forcing that decision on users unless WE care about privacy from the
IETF-server side of things.

I haven't seen anyone make that case yet, and I would argue it's counter
to the notion of our NOTE WELL statement anyway.

Joe