IESG Statement on Maximizing Encrypted Access To IETF Information

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Date: 20 August 2015

The IETF has recognised that the act of accessing public information 
required for routine tasks can be privacy sensitive and can benefit from 
using a confidentiality service, such as is provided by TLS. [BCP188] 
The IETF in its normal operation publishes a significant volume of 
public data (such as Internet-drafts), to which this argument applies. 
The IETF also handles non-public data (such as comments to NomCom, the 
IETF's nominating committee) that requires confidentiality due to the 
nature of the data concerned.

The IESG and the broader community [moz-https-only] have further 
concluded that there can be other harmful effects in continuing to 
access public data as cleartext. Recent massive-scale man-on-the-side 
intermediary attackers have been seen to take advantage of the absence 
of security to mount active attacks that would be more difficult had a 
transport security mechanism such as TLS been used. [great-cannon, 
quantum]

The IESG has therefore agreed that all IETF information must, by 
default, be made available in a privacy-friendly form that matches 
relevant best current practices. Further, all future embedded 
interactions with the IETF (such as <a> tags in HTML) should default to 
causing access via that privacy-friendly form. For content currently 
accessed using the HTTP protocol, using HTTPS URIs and appropriate TLS 
cipher-suites [BCP195] will be the preferred access mechanism, however 
this direction encompasses more than HTTP traffic alone.

However, as there may be tools affected by this, and recognising that 
there are a number of IETF participants who prefer to continue to access 
materials via cleartext, or who have issues with using standard 
confidentiality services, the IESG are also requiring that public 
information continue to be made available in clear, for example via HTTP 
without TLS.

The changes caused by this statement should only need operational 
systems work and should be transparent to almost all consumers of IETF 
information. There are a small number of cases where these changes might 
cause some issues, e.g., the current Internet-Draft boilerplate text, 
which uses the http: URI scheme. The IESG will work with the broader 
community, tools teams, and IETF Secretariat to make these adjustments 
while minimising disruption to the community.

Note that the "secure/privacy-friendly as the default according to best 
practices" principle set out in this statement applies to all IETF 
information, regardless of the protocol used to access that information.

References

[BCP188] https://tools.ietf.org/html/bcp188

[great-cannon] https://citizenlab.org/2015/04/chinas-great-cannon/

[moz-https-only] https://blog.mozilla.org/security/2015/04/30/
deprecating-non-secure-http/

[quantum] https://www.wired.com/2014/03/quantum/

[BCP195] https://tools.ietf.org/html/bcp195




[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux