IETF Logo Mail Archive

Re: https at ietf.org

Thiago Marinello <thiago@marinello.eng.br> Wed, 06 November 2013 12:03 UTC

Return-Path: <thiago@marinello.eng.br>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2AA721E80AD for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 04:03:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.976
X-Spam-Level:
X-Spam-Status: No, score=-2.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dpew6JIRDL5d for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 04:03:01 -0800 (PST)
Received: from mail-ie0-f170.google.com (mail-ie0-f170.google.com [209.85.223.170]) by ietfa.amsl.com (Postfix) with ESMTP id 042D321E80CB for <ietf@ietf.org>; Wed, 6 Nov 2013 04:02:59 -0800 (PST)
Received: by mail-ie0-f170.google.com with SMTP id at1so17760929iec.29 for <ietf@ietf.org>; Wed, 06 Nov 2013 04:02:59 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=lBR6CJ5SXofMAKuw6ske2o7jjukawP5Tm0qWYKOO3pA=; b=SF7yJehXEZ5YPS4eB7xs8FRURSGyK2N1BjaFTKoWZnkC921dmI50GvFcAWLYmfpZhn VT2Nd8/k6nqjAZpuBq14heiYnkQUhcvIQr6ecIUF7DrlaKEMI4Dyb+E6wGrFkYXNh2DP Fek3DWySfCX164hHAm4Rqjm5TrawVMi/gZ03KTPWHqSEfgHz16R8bQcFBg42zXAx7qiK ef+80nwSkOhfpb+05Nh82ApO9g2/j+KXK4MN/eOReyotntKxG+BOKcTDyXPGg8aBRRJT Rg+nJx9Q7PbtHm5wY0gr/z5DNXCsbzZ+D5bDqXoSfvvIDRLnkefOI8pKPPOKQH+GSwRu hK2g==
X-Gm-Message-State: ALoCoQmj0Bv5v+l/n8weEI3pSotSIgin403JbdtTsqk1L/N2D6iZN+d17E1DA928twRdxHTIO/wM
X-Received: by 10.42.204.4 with SMTP id fk4mr1761866icb.31.1383739379275; Wed, 06 Nov 2013 04:02:59 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.64.34 with HTTP; Wed, 6 Nov 2013 04:02:39 -0800 (PST)
In-Reply-To: <CAKHUCzzzT-0p89uT62zrxGqF1XACG+Ok7hNLcuTaDad7R7eCTQ@mail.gmail.com>
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <CAHBU6ivZS33r4HHbCC391Ug9fMtZkJ3nojEeeqH5L+0+o3ZqGQ@mail.gmail.com> <01P0FU0CS96Q00004G@mauve.mrochek.com> <26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com> <CAKHUCzzzT-0p89uT62zrxGqF1XACG+Ok7hNLcuTaDad7R7eCTQ@mail.gmail.com>
From: Thiago Marinello <thiago@marinello.eng.br>
Date: Wed, 06 Nov 2013 10:02:39 -0200
Message-ID: <CAPzJMbV73ATJLDTojh9SmPoqDoNYw6=d_SYc0b+iQnbR_06fYA@mail.gmail.com>
Subject: Re: https at ietf.org
To: Dave Cridland <dave@cridland.net>
Content-Type: multipart/alternative; boundary="20cf304348422a8d9304ea80ee1a"
Cc: IETF-Discussion Discussion <ietf@ietf.org>, Eric Burger <eburger@standardstrack.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2013 12:03:05 -0000

I have no problem with additional access via HTTPS, IETF already have it.

It is better to have more ways to deliver content. The interested party has
the freedom to choose the best way to access, HTTPS, HTTP, FTP, anything.

If the issue is privacy for those who access, HTTPS can help partially,
they do not intercept the documents that the person reads, but still be
able to know that there was a connection to the computer with the IP
address of the IETF.

But if the problem is to ensure the integrity of documents (RFCs) I suggest
that the RFC Editor digitally sign each published RFC (using GPG), thus
making it possible to check if the document has not been altered during
communication or storage.

Sincerely,

__
 Thiago Marinello
 +55 19 9248 0860



On Wed, Nov 6, 2013 at 9:39 AM, Dave Cridland <dave@cridland.net> wrote:

> On Wed, Nov 6, 2013 at 11:28 AM, Eric Burger <eburger@standardstrack.com>wrote:
>
>> How does the use of HTTPS restrict who can participate in the IETF? That
>> is like saying that because we no longer offer Gopher, we have closed off
>> participation to some (possibly null) set of Internet users.
>>
>> If we do not encourage the use of our own work, why should anyone else
>> use it?
>>
>>
> Requiring HTTPS, particularly with reasonable cipher suites, might
> restrict use of from certain jurisdictions.
>
> Allowing HTTPS, on the other hand, does not. Unfortunately, because of the
> nature of HTTP/HTTPS, we cannot perform opportunistic encryption in the
> same way as with the mail and XMPP services we use.
>
>
>>  On Nov 5, 2013, at 10:41 PM, ned+ietf@mauve.mrochek.com wrote:
>>
>> > This is, or is supposed to be, an open standards body, one that is
>> > trying to encourage as many qualified people as possible to participate.
>> > It makes no sense at all to restrict access in this way.
>>
>>
>

v2.23.0 | Report a Bug | By Email