W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Willy Tarreau <w@1wt.eu>
Date: Fri, 4 Dec 2015 06:24:36 +0100
To: Mike Belshe <mike@belshe.com>
Cc: httpbis mailing list <ietf-http-wg@w3.org>
Message-ID: <20151204052436.GB19984@1wt.eu>
On Thu, Dec 03, 2015 at 07:47:03PM -0800, Mike Belshe wrote:
> On Thu, Dec 3, 2015 at 10:01 AM, Willy Tarreau <w@1wt.eu> wrote:
> > > People want privacy, encryption, security and safety.   They don't want
> > it
> > > sometimes - they want it all the time.
> >
> > That's wrong. YOU want this and YOU decide that everybody wants this.
> One thing never changes:  the only people that don't want security are
> those peddling archaic proxy products that don't work in the face of
> encryption....

I don't think so since 1) I'm speaking as a user, and 2) the archaic
proxy product I'm working on works well in fact of encryption, and so
well that some users have even contributed the TLS MiTM functionnality
that their enterprise customers are asking for. Needless to say I wasn't
surprized since this natural outcome was predicted eventhough denied by
those who don't put their feet in enterprises.

> OK - I'll stop.  You should too - you've replied with no fewer than 5 (yes
> count them!) posts with the same tired old arguments...

I know and I don't want to continue either, I'm just amazed to see how
blind some people can be when facing facts : TLS was worked around by
law and disabled for a whole country, fine, let's push it even more so
that more people are denied the last bit of privacy they used to have,
since it's "great" to reuse one word I've read here...

Received on Friday, 4 December 2015 05:25:03 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC