W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Pervasive encryption: Pro and contra

From: Mike Belshe <mike@belshe.com>
Date: Sun, 17 Nov 2013 07:46:54 -0800
Message-ID: <CABaLYCtyuvjX+VwmUXcA9cCr6E0_fCS+fUWfruC9cQaAGvX_ew@mail.gmail.com>
To: Robert Collins <robertc@squid-cache.org>
Cc: Tim Bray <tbray@textuality.com>, httpbis mailing list <ietf-http-wg@w3.org>
No, this is a pro not a con.  It is unethical for us to ship unsecure
software.   http without tls is fundamentally below the bar of basic, known
best practices.
On Nov 17, 2013 12:47 AM, "Robert Collins" <robertc@squid-cache.org> wrote:

> C5.2 Itís unethical to insert encryption into peopleís connections
> without their consent.
> This has an inverse:
> P3 : It's unethical to have presumed-private conversations not be
>
> Arguably to P1 (protection) : this is about expectations of users.
>
> -Rob
>
> On 17 November 2013 14:03, Tim Bray <tbray@textuality.com> wrote:
> > There has been a *whole lot* of traffic on this subject.  Itís
> fascinating
> > that the meeting of minds is so difficult, and any possibility of that
> > happening is made more difficult by the discussion skewing back and forth
> > across the road.
> >
> > To help sort things out in my own mind, I just went and read the last few
> > hundred messages and attempted to curate the pervasive/mandatory
> encryption
> > arguments, pro and contra.  Itís in a Google doc thatís open to comment
> by
> > anyone: http://goo.gl/6yhpC1  Hm, is there a handy wiki platform
> somewhere
> > that can stand up to the pressure?
> >
> > I donít know if trying to organize the talking points is generally
> useful,
> > but I sure found it personally useful; maybe others will too.
> >
> > Disclosure: I remain pretty strongly in favor of as much mandatory
> > encryption as we can get, so that may have filtered my expression of the
> > issues.  I've version-stamped this: 2013/11/16, and promise not to
> change it
> > in case people comment on it.
>
>
Received on Sunday, 17 November 2013 15:47:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC