> How does the use of HTTPS restrict who can participate in the IETF? It does so by limiting the set of tools that can be used to access our stuff. Additionally, there may be places where the use of https is inherently problematic. > That is like saying that because we no longer offer Gopher, we have closed > off participation to some (possibly null) set of Internet users. And that would indeed be the case if there was a set of potential users and useful tools out there that supported nothing but gopher. AFAIK that's not the case. In the case of http access I know it to be true. > If we do not encourage the use of our own work, why should anyone else use it? Encouraging the use of our work - our standards - is exactly the issue here. You're trying to impose privacy requirements on a use-case where they simply don't make sense. And if you think forcing the use of https on our web site provides https with some sort of much-needed usage boost to that protocol, you're in serious need of a reality check. Again, by all means offer https. And make sure that once in the https sphere the links you find cause you to stay in that sphere. But requiring it goes too far. What, is the next step to shut down things like rsync because there is no secure version? Ned