Re: Where are the places that block encrypted traffic?
Warren Kumari <warren@kumari.net> Wed, 03 June 2015 18:15 UTC
Return-Path: <warren@kumari.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF4581ACED1 for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 11:15:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l_zQlfcE6mss for <ietf@ietfa.amsl.com>; Wed, 3 Jun 2015 11:15:27 -0700 (PDT)
Received: from mail-oi0-f47.google.com (mail-oi0-f47.google.com [209.85.218.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D89E61ACE5F for <ietf@ietf.org>; Wed, 3 Jun 2015 11:15:26 -0700 (PDT)
Received: by oihd6 with SMTP id d6so13747276oih.2 for <ietf@ietf.org>; Wed, 03 Jun 2015 11:15:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-type; bh=Rhk9dzHet0OkiaJl3xi3YCs5t2MXM2fyMDU29yq2pc4=; b=XnZV/1wh+W2OWAF3TJOwqMOk+r0y6nVaJRc61ai7YJZMr/Hw/GmQMoKd++CSOTikFH o7n0uC9T6R424ATFgjM59Q2/WwVf2FDfBmLBbQl3nuI3QbWiddzaxPZOm2R5XToQM5qt rHJ2fBETM1W51mW49pTxK5HD4AmqPHA2GlJDRTdm7KaKvnBudUHg2wwkRFPOoaS32nK2 uk10z4aqYEs5tQ7a043ACBQxJk5zpbKY/UcLJkg/ddtjR+skELKkVKF0+5rOo4RVKxyT FgkHlG8GKlW5KdY+YjmbvQycKJcMEoKw9ZSalQ64SNXPOwvVYjSeNmV+IFULcIU22v9Y 4m0w==
X-Gm-Message-State: ALoCoQnn/x5OEVCah+FE52U6EX8OYOsp9kJUEWa9y2Ukz1BfefdfMxC0vWdGj7X1JUqTJZEkQkdg
X-Received: by 10.60.56.97 with SMTP id z1mr24555691oep.59.1433355326289; Wed, 03 Jun 2015 11:15:26 -0700 (PDT)
MIME-Version: 1.0
References: <20150601164359.29999.35343.idtracker@ietfa.amsl.com> <tsllhg3t0ya.fsf_-_@mit.edu> <51432A40-FAC0-4D04-8CD5-20C56DC25FDD@frobbit.se> <2036457.vXnxjqSTLC@gongo> <20150603015444.32B952FD573D@rock.dv.isc.org> <tslk2vlsf7b.fsf@mit.edu> <CAHBU6isLZgD6PuO_584TBnV30hFKps93iF9mHuqZFYm7rdpQow@mail.gmail.com>
In-Reply-To: <CAHBU6isLZgD6PuO_584TBnV30hFKps93iF9mHuqZFYm7rdpQow@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Wed, 03 Jun 2015 18:15:15 +0000
Message-ID: <CAHw9_i+0jY6BMoTtru9HrL8jjGOPK_5RJjZ2eP8OUkRzcJxWCA@mail.gmail.com>
Subject: Re: Where are the places that block encrypted traffic?
To: Tim Bray <tbray@textuality.com>, Sam Hartman <hartmans-ietf@mit.edu>
Content-Type: multipart/alternative; boundary="001a11c204fa0f94cc0517a10ba9"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/j226ECYzBLdMurzOl3HR_cD_EPM>
Cc: IETF-Discussion Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jun 2015 18:15:28 -0000
In 2011 there was the DNS-EASY ( Workshop on DNS health and security ) held at in Rome (http://www.gcsec.org/event/dns-easy-2011-workshop ) It was organized by the "Global Cyber Security Center" and held in some building that was somehow affiliated with the postal service / postel.it. This location blocked all port 443 (and 22, and.. and.. and...). This made people sad, and so I ended up spinning up a VPN server on port 80 for most of the attendees... Sure, anecdotal info, but.... W On Wed, Jun 3, 2015 at 11:04 AM Tim Bray <tbray@textuality.com> wrote: > I travel heavily and visit many different kinds of public & private > institutions; and it has been many years since I’ve observed HTTPS > blockage. Even in China, it seems the blockage is more domain-based than > protocol-based. > > So yes, I’d like to hear evidence for the claim of protocol blockage. > > On Tue, Jun 2, 2015 at 7:23 PM, Sam Hartman <hartmans-ietf@mit.edu> wrote: > >> >>>>> "Mark" == Mark Andrews <marka@isc.org> writes: >> >> >> to be clear, none of this is the sort of thing I was looking for. All >> of this is discussions of parts of the Internet that aren't particularly >> transparent or interested in letting you have open access to large >> portions of the net. >> I don't care if the ietf website is accessible from a hotel before you >> accept the network's terms. >> >> Based on the discussion so far I'd like to see better justification for >> the claim that there are portions of the network that block TLS before >> we make it. >> >> > > > -- > - Tim Bray (If you’d like to send me a private message, see > https://keybase.io/timbray) >
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Bob Hinden
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Phillip Hallam-Baker
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Paul Wouters
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Baugher (mbaugher)
- Where are the places that block encrypted traffic? Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… S Moonesamy
- Re: Proposed Statement on "HTTPS everywhere for t… John Levine
- Re: Proposed Statement on "HTTPS everywhere for t… Masataka Ohta
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Where are the places that block encrypted tra… Patrik Fältström
- Re: Proposed Statement on "HTTPS everywhere for t… Eliot Lear
- Re: Proposed Statement on "HTTPS everywhere for t… Harald Alvestrand
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Roland Dobbins
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach (Syndicat.com)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Where are the places that block encrypted tra… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Richard Barnes
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Mark Andrews
- Re: Where are the places that block encrypted tra… Sam Hartman
- Re: Proposed Statement on "HTTPS everywhere for t… Jari Arkko
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Stewart Bryant
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Proposed Statement on "HTTPS everywhere for t… t.p.
- Re: Where are the places that block encrypted tra… Tim Bray
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Where are the places that block encrypted tra… Warren Kumari
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Cullen Jennings (fluffy)
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell
- Re: Proposed Statement on "HTTPS everywhere for t… John C Klensin
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Brian E Carpenter
- Re: Proposed Statement on "HTTPS everywhere for t… Yoav Nir
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Hildebrand
- RE: Proposed Statement on "HTTPS everywhere for t… Christian Huitema
- RE: Proposed Statement on "HTTPS everywhere for t… Tony Hain
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Ted Lemon
- Re: Proposed Statement on "HTTPS everywhere for t… Joe Touch
- Re: Proposed Statement on "HTTPS everywhere for t… Benson Schliesser
- Re: Proposed Statement on "HTTPS everywhere for t… Nico Williams
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Niels Dettenbach
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… l.wood
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Xiaoyin Liu
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Hector Santos
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Mark Nottingham
- Re: Proposed Statement on "HTTPS everywhere for t… Roy T. Fielding
- Re: Proposed Statement on "HTTPS everywhere for t… Stephen Farrell