IETF Logo Mail Archive

Re: https at ietf.org

ned+ietf@mauve.mrochek.com Wed, 06 November 2013 15:05 UTC

Return-Path: <ned+ietf@mauve.mrochek.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EA0011E8150 for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 07:05:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sIqm11ZWcJ-k for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 07:05:04 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id 3F15511E80DC for <ietf@ietf.org>; Wed, 6 Nov 2013 07:05:04 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P0GHJNKOHC0003ZZ@mauve.mrochek.com> for ietf@ietf.org; Wed, 6 Nov 2013 07:00:02 -0800 (PST)
MIME-version: 1.0
Content-type: TEXT/PLAIN; CHARSET="iso-8859-1"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01P0DS85DTO000004G@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf@ietf.org; Wed, 6 Nov 2013 06:59:54 -0800 (PST)
From: ned+ietf@mauve.mrochek.com
Message-id: <01P0GHJKW8PY00004G@mauve.mrochek.com>
Date: Wed, 06 Nov 2013 06:52:45 -0800
Subject: Re: https at ietf.org
In-reply-to: "Your message dated Wed, 06 Nov 2013 06:28:50 -0500" <26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com>
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <CAHBU6ivZS33r4HHbCC391Ug9fMtZkJ3nojEeeqH5L+0+o3ZqGQ@mail.gmail.com> <01P0FU0CS96Q00004G@mauve.mrochek.com> <26C6A672-A5D2-44C4-B343-9CCE5E388348@standardstrack.com>
To: Eric Burger <eburger@standardstrack.com>
Cc: IETF-Discussion Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2013 15:05:16 -0000

> How does the use of HTTPS restrict who can participate in the IETF?

It does so by limiting the set of tools that can be used to access our stuff.
Additionally, there may be places where the use of https is inherently
problematic.

> That is like saying that because we no longer offer Gopher, we have closed
> off participation to some (possibly null) set of Internet users.

And that would indeed be the case if there was a set of potential users and
useful tools out there that supported nothing but gopher. AFAIK that's not the
case. In the case of http access I know it to be true.

> If we do not encourage the use of our own work, why should anyone else use it?

Encouraging the use of our work - our standards - is exactly the issue here.
You're trying to impose privacy requirements on a use-case where they simply
don't make sense.

And if you think forcing the use of https on our web site provides https with
some sort of much-needed usage boost to that protocol, you're in serious need
of a reality check.

Again, by all means offer https. And make sure that once in the https
sphere the links you find cause you to stay in that sphere.

But requiring it goes too far. What, is the next step to shut down things
like rsync because there is no secure version?

				Ned

v2.23.0 | Report a Bug | By Email