Re: https at ietf.org

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 






On Thu, Nov 7, 2013 at 5:19 PM, Noel Chiappa <jnc@xxxxxxxxxxxxxxxxxxx> wrote:
    > From: ned+ietf@xxxxxxxxxxxxxxxxx

    > In light of the sentiments expressed at the plenary and in perpass in
    > regards to opportunistic encryptions, perhaps this is the dogfood we
    > should be eating.

Yes, encrypting publicly available documents will do so much to increase our
privacy.


That's not what Ned or I was hinting at.

RFC 2817 describes a mechanism for connecting on port 80, and asking the server nicely to switch to TLS, rather than connecting on port 443 and switching to TLS from the outset.

It's the equivalent of the majority of protocols, which support a "STARTTLS" or similar extension, making it trivial to provide and use optional, opportunistic, encryption.

What this would allow is that browsers could *easily* use TLS to provide some protection, even when given an "http" scheme URI.

Dave.

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]