Re: Proposed Statement on "HTTPS everywhere for the IETF"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Jun 4, 2015, at 3:06 AM, Yoav Nir <ynir.ietf@xxxxxxxxx> wrote:
> The statement (made by Richard Barnes, not by the IESG) that the IETF should lead by example and move to all HTTPS is very political. The proposal prioritizes the concerns of some group (small or large) and levies a burden on the entire community (TLS is not free; finding www.cleartext.ietf.org takes effort). That is a political decision. It’s a small one. I agree with John Klensin that this is something the IESG could (and should) have done on its own without starting a discussion on a proposed statement.

I don't disagree that TLS is not free.   However, a useful measure of the importance of your statement here would be to ask you whether in fact https-by-default would actually be expensive enough to motivate you to change your behavior?   I suspect the answer is no.   Virtually all data that goes over the Internet is encrypted.   Of course most of that is video streams, but think about how much data that is.

Compared to the puny amount of data that you can get by downloading content from the IETF, it's hard to imagine anyone using cleartext.ietf.org for any reason other than that they happen to live in a repressive society, in which case the need to use this feature will be a fairly minor inconvenience compared to the rest of the hassle that they are no doubt dealing with on a daily basis.

So why are we still arguing about this?





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]