> By using CloudFlare IETF is actively blocking Tor connections to IETF
> page.
i agree this is a problem. but i am not sure about the solution space.
are we trading one form of security for another?
what is the treat model which drives us to tls/https? authenticity of
the data? privacy of what i access? in the scheme of things, how
important are our data anyway and what are we trading for perceived
protection?
how much load-spreading and resilience do ietf web/wiki/archives
actually need? if they need a cdn, and i am not so sure they do, can we
have a cdn which supports tls without being a monkey in the middle? do
we pay to deploy a half dozen anycasted instances of our own and
maintain them [0]?
some of this we have discussed before, maybe not as insightfully as we
might have.
randy
0 - sysadmin is similar to doing the dishes; you go to sleep with a
clean kitchen, but there will be more dishes tomorrow.