Re: https at ietf.org
ned+ietf@mauve.mrochek.com Thu, 07 November 2013 20:20 UTC
Return-Path: <ned+ietf@mauve.mrochek.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90C0211E8275 for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 12:20:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.576
X-Spam-Level:
X-Spam-Status: No, score=-2.576 tagged_above=-999 required=5 tests=[AWL=0.023, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h8NxEspDdeXK for <ietf@ietfa.amsl.com>; Thu, 7 Nov 2013 12:19:56 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id 6C59511E822F for <ietf@ietf.org>; Thu, 7 Nov 2013 12:19:56 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P0I6UE51OG0007UG@mauve.mrochek.com> for ietf@ietf.org; Thu, 7 Nov 2013 12:14:54 -0800 (PST)
MIME-version: 1.0
Content-type: TEXT/PLAIN; charset="UTF-8"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P0DS85DTO000004G@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf@ietf.org; Thu, 7 Nov 2013 12:14:49 -0800 (PST)
From: ned+ietf@mauve.mrochek.com
Message-id: <01P0I6UBYTL000004G@mauve.mrochek.com>
Date: Thu, 07 Nov 2013 12:02:46 -0800
Subject: Re: https at ietf.org
In-reply-to: "Your message dated Thu, 07 Nov 2013 09:45:35 -0800" <CAHBU6iuW6OajgLK0HOY2i-ewAHy0dX7iaarQykq3PWsn00m0aQ@mail.gmail.com>
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <CAHBU6ivZS33r4HHbCC391Ug9fMtZkJ3nojEeeqH5L+0+o3ZqGQ@mail.gmail.com> <01P0FU0CS96Q00004G@mauve.mrochek.com> <26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com> <01P0GHJKW8PY00004G@mauve.mrochek.com> <20131107045629.GE21546@besserwisser.org> <01P0HBB3DIIC00004G@mauve.mrochek.com> <20131107080102.GF21546@besserwisser.org> <01P0HZY6YB9O00004H@mauve.mrochek.com> <CAHBU6iuW6OajgLK0HOY2i-ewAHy0dX7iaarQykq3PWsn00m0aQ@mail.gmail.com>
To: Tim Bray <tbray@textuality.com>
Cc: ned+ietf@mauve.mrochek.com, Måns Nilsson <mansaxel@besserwisser.org>, Ned Freed <ned.freed@mrochek.com>, IETF-Discussion Discussion <ietf@ietf.org>, Eric Burger <eburger@standardstrack.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 20:20:00 -0000
> On Thu, Nov 7, 2013 at 8:54 AM, <ned+ietf@mauve.mrochek.com> wrote: > > > > > The trust that the > > > Government(s) will only tap the traffic of those that are a grave concern > > > to their security interests has completely vanished. > > > > That doesn't trump the need for access to our materials to be as open as > > possible. > > > Hmm, what does “open” mean? Maximally accessible technologically, or > maximally accessible without any worry about who might be watching? The > answer isn’t obvious at all. Mandating https on IETF web sites won't prevent people from seeing the access. And thay may well constitute a reason to worry. Indeed, the fact that content isn't observable may make the access more problematic in certain places, not less. So let's not pretend this accomplishes the goal of eliminating worry about who may be watching, OK? > This is a discussion that needs to happen at much greater length and depth, > and outside not just inside the IETF community. But, FYI, there are a > substantial number of people who feel like the sane response to pervasive > surveillance is pervasive encryption. And if you encrypt “only the > controversial stuff”, you make encryption itself controversial, and its use > a red flag for those currently attacking the Internet. Ah yes, the old postcard argument. I didn't really buy it when Phil Zimmerman made it ~20 years ago and I don't really buy it now, because it fails to take traffic analysis into account. And if there's one thing we have learned from the recent disclosures, it's that traffic analysis is a big deal. But this is the thing about opportunistic encryption: We can make the shift to mostly using envelopes without having to abandon or inconvenience lots of people and without compromising our mission in the process. Ned
- Re: https at ietf.org Eric Burger
- https at ietf.org Tim Bray
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org David Morris
- Re: https at ietf.org Paul Wouters
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Dean Willis
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org Hector Santos
- Re: https at ietf.org Marco Davids (Prive)
- Re: https at ietf.org Hector Santos
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org Thiago Marinello
- Re: https at ietf.org Bjoern Hoehrmann
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org Ted Lemon
- authentication without https (was Re: https at ie… Dave Crocker
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: authentication without https (was Re: https a… Ted Lemon
- Re: https at ietf.org MAISONNEUVE, JULIEN (JULIEN)
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Marco Davids (Prive)
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Carsten Bormann
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Carsten Bormann
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org t.p.
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Arturo Servin
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org Chris Inacio
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org t.p.
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Chris Inacio
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Douglas Otis
- Re: https at ietf.org Pranesh Prakash
- Re: https at ietf.org Pranesh Prakash
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org John R Levine
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Joe Abley
- Coercion S Moonesamy
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org John Levine
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Michael Richardson
- Reconstruct the key S Moonesamy
- Re: https at ietf.org Randy Bush
- Re: https at ietf.org Randy Bush
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Sean Turner
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Doug Barton
- Re: [IETF] https at ietf.org Warren Kumari
- Re: [IETF] https at ietf.org Michael Richardson
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Mark Andrews
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Douglas Otis