Re: https at ietf.org

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bjoern Hoehrmann [2013-11-06 07:24]:
> * Joe Abley wrote:
>> On 2013-11-05, at 18:21, ned+ietf@xxxxxxxxxxxxxxxxx wrote:
>>
>>> not every tool out there supports https.
>>
>> That seems like the kind of thing we want to change (security as an 
>> afterthought vs. security as a fundamental requirement).
> 
> A typical problem I have is that I forgot to install Honest Achmed's
> certificates and then tools refuse to work and they might not have an
> option to ignore the problem. Cygwin tools for instance; apparently
> the certificate bundle is not part of the base system. It is also
> very very common that certificates are for the wrong hostnames or are
> expired leading to tool failure. It can be very frustrating when the
> remote host refuses to operate under plain 'http' in such cases.

Does that point to the Cygwin tools needing to be fixed, and for servers
to use certificates properly, or does that point to a need to ensure
that the standard doesn't evolve to cope with current frustrations?

-- 
Pranesh Prakash
Policy Director
Centre for Internet and Society
T: +91 80 40926283 | W: http://cis-india.org
PGP ID: 0x1D5C5F07 | Twitter: @pranesh_prakash
--------------------
Postgraduate Associate & Access to Knowledge Fellow
Information Society Project, Yale Law School
T: +1 520 314 7147 | W: http://yaleisp.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]