> --On Friday, August 26, 2011 09:43 -0400 Donald Eastlake > <d3e3e3@xxxxxxxxx> wrote: > >> Yup, but why are we using https at all? Who decided, and > >> please would they undecide? Unexpired certificates can be > >> circumvented, but all too often, the https parts of the web > >> site just do not work and, more importantly, I think it wrong > >> to use industrial grade security where none is called for. > > > > The mail archives (and the minutes of the physical meetings) > > are the official record of the Working Groups, IETF, etc. > > Those archives should be available with a reasonably high > > level of integrity and authenticity. > Don, > If that is the goal, wouldn't we be lots better off just > digitally signing those things, just as we are gradually > starting to create signatures for I-Ds, etc.? Verifying that > one is talking to the right server and that the content is not > tampered with in transit is all well and good, but it doesn't > protect against compromised documents or a compromised server at > all. +1. If you want signatures, do them properly. Don't pretend a transfer protection mechanism covering exactly one hop provides real object security, because it doesn't. And as for the "encrypt so the really secret stuff doesn't stand out" argument, that's fine as long as it doesn't cause inconvenience to anyone. That's clearly not the case here. And I'm sorry, the "mistakes were made" notion doesn't really fly: Certificates aren't a "set it and forget it" thing, so if you haven't noted expiration dates on someone's to-do list so they can be updated before expiration, you're not doing it right. Ned _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf