Re: Proposed Statement on "HTTPS everywhere for the IETF"

Nico Williams <nico@cryptonector.com> Thu, 04 June 2015 19:15 UTC


On Wed, Jun 03, 2015 at 08:06:45PM -0700, Tony Hain wrote:
> Put another way; if the IESG believes it has the excess time to make
> clearly political statements (rather than focus on the justifiable
> technical requirement), maybe we need to revisit the workload on the
> NomCom and reduce the number of ADs...

You do realize that the IETF *is* a political body...  It being an
organization with more than one participant and all.

The process for publishing RFCs is... political.  The process for
changing the process (but I repeat myself) is political.

How can the IETF be utterly non-political?

I would agree that the IETF should stay away from certain kinds of
political statements, but this isn't it, not least because I can't see
what is controversial or politically objectionable about this statement
in the wider world outside just the IETF.  Will the public in the U.S.
object?  Doubtful.  How about the public in the UK?  Also doubtful.  And
so on and on.  Did the public complain about all the https-only sites
out there?  No, the public did not.

Can we stop it with this thread?  What a waste of time!  For goodness'
sakes, go ahead and make all IETF services TLS-capable, and then someday
let's throw the switch and see what happens when we redirect http resources
to https for one day -- if nothing breaks badly that we don't mind
breaking, then let's make that permanent.  How can that possibly be so
damned controversial?  github, for example, did it, and so did many
others -- sites with paying customers.

Nico
--