W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2013

Re: Pervasive encryption: Pro and contra

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Sun, 17 Nov 2013 20:03:20 +0000
To: Mike Belshe <mike@belshe.com>
cc: Robert Collins <robertc@squid-cache.org>, Tim Bray <tbray@textuality.com>, httpbis mailing list <ietf-http-wg@w3.org>
Message-ID: <57688.1384718600@critter.freebsd.dk>
In message <CABaLYCtyuvjX+VwmUXcA9cCr6E0_fCS+fUWfruC9cQaAGvX_ew@mail.gmail.com>
, Mike Belshe writes:

>No, this is a pro not a con.  It is unethical for us to ship unsecure
>software.   http without tls is fundamentally below the bar of basic, known
>best practices.


It may be below your personal political point of view, but I have
yet to hear one single porn-site say that lack of encryption is
below their standard.

That's only funny until you remember that they and they move about
30% of the HTTP bytes on the net.

Furthermore, television is being "de-cabled" and I have yet to hear
any of them wanting to first expend effort on DRM encryption and then
wrap that in an extra layer of encryption because it would be
"below the bar" for somebodys "best practice".

HTTP/2 is a protocol Mike, it is not a policy.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Sunday, 17 November 2013 20:03:44 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:19 UTC