IETF Logo Mail Archive

Re: https at ietf.org

Doug Barton <dougb@dougbarton.us> Fri, 06 December 2013 07:12 UTC

Return-Path: <dougb@dougbarton.us>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D4B81AE2F3 for <ietf@ietfa.amsl.com>; Thu, 5 Dec 2013 23:12:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.003
X-Spam-Level:
X-Spam-Status: No, score=-2.003 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WLreESdcRb-1 for <ietf@ietfa.amsl.com>; Thu, 5 Dec 2013 23:12:44 -0800 (PST)
Received: from dougbarton.us (dougbarton.us [IPv6:2607:f2f8:ab14::2]) by ietfa.amsl.com (Postfix) with ESMTP id F1C081AE2E8 for <ietf@ietf.org>; Thu, 5 Dec 2013 23:12:43 -0800 (PST)
Received: from [IPv6:2001:470:d:5e7:4463:c447:4399:fa18] (unknown [IPv6:2001:470:d:5e7:4463:c447:4399:fa18]) by dougbarton.us (Postfix) with ESMTPSA id 3E20F22B15 for <ietf@ietf.org>; Fri, 6 Dec 2013 07:12:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=dougbarton.us; s=dougbarton.us; t=1386313960; bh=LLEj4Cmw5XfgDRboRUqjRgP7l54JYpbrSmt6cVxHOzM=; h=Date:From:To:Subject:References:In-Reply-To; b=dK3GSZwOJUIQE13G4HisIEHombtZWPQEXDFeWewjCrPV/SaafjWQ+P1TRVTH488nO nKuVoZoHXVqENjpe9Oxe5iZ9OHYajj9dGTrmNuu67qH93nLsH6V5HZdNbSVDZaNQnq A9Bhxzzmfn0zC89Almetwe89sOgxjERXxEDIE2OE=
Message-ID: <52A178E7.4010709@dougbarton.us>
Date: Thu, 05 Dec 2013 23:12:39 -0800
From: Doug Barton <dougb@dougbarton.us>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: https at ietf.org
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com>
In-Reply-To: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com>
X-Enigmail-Version: 1.6
OpenPGP: id=1A1ABC84
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2013 07:12:45 -0000

On 11/05/2013 04:34 PM, Tim Bray wrote:
> Wouldn’t it be a good idea for everything at *.ietf.org
> <http://ietf.org> to be served by HTTPS, and only by HTTPS?

Having read the thread, some thoughts for what they are worth.

IMO, as long as the substance of the RFCs themselves (and other 
appropriate material) are available over some channel that does not 
require encryption (say FTP for instance) I don't see any reason not to 
force https instead of http on IETF-related web sites. As others have 
pointed out however most resources are already available via https, so 
as a community we should probably be advertising that more widely, 
including using the https link wherever possible.

On a more practical level, I use the excellent Firefox search plugin for 
the tools site which is number 5 on the list here: 
http://mycroftproject.com/search-engines.html?name=rfc

It does this for searches (after my modification to use https):
https://tools.ietf.org/html/{searchTerms}

However when the results come back it's on an http page, instead of 
https. It would be nice if that redirect either always used https, or 
used https if it were called that way.

hth,

Doug

v2.23.0 | Report a Bug | By Email