Re: https at ietf.org

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Original Message -----
From: "Tim Bray" <tbray@xxxxxxxxxxxxxx>
To: <ned+ietf@xxxxxxxxxxxxxxxxx>
Cc: "Måns Nilsson" <mansaxel@xxxxxxxxxxxxxxxx>; "Ned Freed"
<ned.freed@xxxxxxxxxxx>; "IETF-Discussion Discussion" <ietf@xxxxxxxx>;
"Eric Burger" <eburger@xxxxxxxxxxxxxxxxxx>
Sent: Thursday, November 07, 2013 5:45 PM
On Thu, Nov 7, 2013 at 8:54 AM, <ned+ietf@xxxxxxxxxxxxxxxxx> wrote:

>
> > The trust that the
> > Government(s) will only tap the traffic of those that are a grave
concern
> > to their security interests has completely vanished.
>
> That doesn't trump the need for access to our materials to be as open
as
> possible.
>

Hmm, what does “open” mean? Maximally accessible technologically, or
maximally accessible without any worry about who might be watching?  The
answer isn’t obvious at all.

<tp>

To me it is obvious, that it is technological access that comes first
e.g. RFC in plain text, e-mails in plain text, e-mails kept short,
unrestricted access to the mailing lists and to the mail archives, basic
protocols (FTP, SMTP) and so on.

Our Introduction says
"The IETF is completely open to newcomers."
Well, open to those who have an adequate level of technology and that we
should keep as low as is practicable.  Demand something more - TLS, CMS,
IMAP etc - and you will start to cut people off from our work.

Keeping what you are doing hidden, from your boss, the police, the
government, your family etc, that comes second.

Tom Petch







This is a discussion that needs to happen at much greater length and
depth,
and outside not just inside the IETF community.  But, FYI, there are a
substantial number of people who feel like the sane response to
pervasive
surveillance is pervasive encryption.  And if you encrypt “only the
controversial stuff”, you make encryption itself controversial, and its
use
a red flag for those currently attacking the Internet.  So; I don’t
think
I’m insane, or even unreasonably paranoid, but I do think it would be a
very good thing, and would maximize the general usefulness of our
resources, if we switched all public-facing IETF resources to
HTTPS-only.

I’m perfectly aware that there are those who disagree.

 -T



>
>                                 Ned
>







[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]