On 2 Jun 2015, at 18:48, Nico Williams wrote:
On Tue, Jun 02, 2015 at 10:15:54AM -0700, Paul Hoffman wrote:
On Jun 2, 2015, at 6:44 AM, Joe Abley <jabley@xxxxxxxxxxx> wrote:
If the argument that we should use HTTPS everywhere (which I do not
disagree with) is reasonable, it feels like an argument about
sending encrypted e-mail whenever possible ought to be similarly
reasonable. Given that so much of the work of the IETF happens over
e-mail, a focus on HTTP seems a bit weird.
There's no point to encrypting (to subscribers) posts to *public*
mailing lists!
Yes, I know. Hence "wherever possible". If you have an expectation that
the contents of e-mail conversations are public (e.g. in archives) then
that's not possible. So that's not what I am talking about.
There's also no point to doing anything more than DKIM as far as the
mailing list processor goes.
Sure.
Users should be (and are) able to sign their posts if they like, but I
don't think there's much point to requiring them to.
All agreed.
Perhaps you didn't read my original e-mail, and are just responding to
quoted fragments of it; I was talking about all the e-mail that doesn't
involve public lists. The example I gave was based on an imagined desire
of someone to say something to the IAB as a closed group, not on a
public list, and desiring some privacy in their communications. There
are surely other examples.
Joe