> Date: Tue, 2 Jun 2015 14:26:20 -0700
> From: touch@xxxxxxx > To: rlb@xxxxxx > Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF" > CC: ietf@xxxxxxxx; ietf-announce@xxxxxxxx > > > > On 6/2/2015 2:19 PM, Richard Barnes wrote: > > > > > > On Tue, Jun 2, 2015 at 2:59 PM, Joe Touch <touch@xxxxxxx > > <mailto:touch@xxxxxxx>> wrote: > > > > > > > > On 6/2/2015 11:51 AM, Richard Barnes wrote: > > > > > > > > > On Tue, Jun 2, 2015 at 12:59 PM, Joe Touch <touch@xxxxxxx <mailto:touch@xxxxxxx> > > > <mailto:touch@xxxxxxx <mailto:touch@xxxxxxx>>> wrote: > > > > > > On 6/1/2015 10:16 AM, Richard Barnes wrote: > > > > Do it. Do it boldly and fearlessly. Make the statement and implement it. > > > > > > > ... > > > > Don't be tied to legacy. Anything that doesn't support HTTPS at this > > > > point needs to upgrade and deserves to be broken. > > > > > > Leaving out the have-nots - or those whose access is blocked by others > > > when content cannot be scanned - isn't moving forward. > > > > > > > > > [citation-required] > > > > > > Where is this place where the entire HTTPS web is not accessible? > > > > http://en.wikipedia.org/wiki/Censorship_of_Wikipedia > > > > Search for HTTPS. > > > > > > This is all that that search turns up: > > """ > > Chinese authorities started blocking access to the secure (https) > > version of the site on 31 May 2013, although the non-secure (http) > > version is still available – the latter is vulnerable to keyword > > filtering allowing individual articles to be selectively blocked. > > Greatfire urged Wikipedia and users to circumvent the block by using > > https access to other IP addresses owned by Wikipedia. > > """ This information is outdated. The https version of Wikipedia is no longer blocked in China, but the http versions of Chinese Wikipedia, Chinese Wikisource, Chinese Wikinews, and Uyghur Wikipedia are blocked in China.[1] Actually the Wikimedia Foundation is considering forcing HTTPS for every Wikipedia visitors, even if the censorship of Wikipedia exists.[2] [1] https://zh.wikipedia.org/wiki/Template:Wiki-accessibility-CHN (in Chinese) [2] https://phabricator.wikimedia.org/T49832#1240760 > > > > If censors want to block the IETF website, they can do it with or > > without HTTPS. > > But that's not what they DID. > > They blocked the activity they couldn't monitor. Another example is that http://www.worldcat.org/ is blocked in China, but https://www.worldcat.org/ is accessible. So my opinion is that, in general, HTTPS is more accessible than HTTP. Xiaoyin |