- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Fri, 04 Dec 2015 06:37:27 +0000
- To: Jacob Appelbaum <jacob@appelbaum.net>
- cc: Mike Belshe <mike@belshe.com>, Amos Jeffries <squid3@treenet.co.nz>, httpbis mailing list <ietf-http-wg@w3.org>
--------
In message <CAFggDF3aDuf6iZqr+n9yvKFfVVjvyntRL=DmA7vmXLh626BOHw@mail.gmail.com>, Jacob Appelbaum writes:

>> You cannot fix political problems with technological hacks
>
>Nor can you fix it with political cowardice and security nihilism!

I don't think you can fairly accuse me of either?

>As has already been said in the thread: The technological changes
>bring the political problems into a visible space.

Absolutely agree.

But SSL/TLS is just about the worst encryption you can bring to that fight, because it is *so* trivial and routine to MiTM that you can find the list-price for the necessary equipment on Google.

draft-thomson-http-encryption is a much better tool for civil disobedience: It can be used with a thousand diverse key management schedules, including the only one we know to be intrinsically secure from MiTM (PSK), and there is *no* way to trojan all of it.

Deploy *that* with good key-management tools[1] and the politicians will face the much more unpalatable choice of "Block or Pass".

If they choose "pass" we won.

If they choose "block" we get the population on our side pretty quick.

Changing the world with civil disobedience takes careful planning and execution.

Rosa Parks didn't just happen to be tired.

Poul-Henning

[1] I hesitate to use the word GPG and "good" in the same context, but there *is* a very large web of trust to leverage.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

Received on Friday, 4 December 2015 06:37:58 UTC