> On Wed, Nov 6, 2013 at 3:01 PM, Ned Freed <ned.freed@xxxxxxxxxxx> wrote: > > > Allowing HTTPS, on the other hand, does not. Unfortunately, because of > > the > > > nature of HTTP/HTTPS, we cannot perform opportunistic encryption in the > > > same way as with the mail and XMPP services we use. > > > > Perhaps that is a problem that deserves further attention. > > > It would mean getting UA and server support for RFC 2817, though. In light of the sentiments expressed at the plenary and in perpass in regards to opportunistic encryptions, perhaps this is the dogfood we should be eating. Ned