W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2015

Re: SSL/TLS everywhere fail

From: Constantine A. Murenin <cnst@NetBSD.org>
Date: Fri, 04 Dec 2015 04:43:46 -0800
Message-ID: <56618A82.6070208@NetBSD.org>
To: Jacob Appelbaum <jacob@appelbaum.net>
CC: Poul-Henning Kamp <phk@phk.freebsd.dk>, Mike Belshe <mike@belshe.com>, Amos Jeffries <squid3@treenet.co.nz>, httpbis mailing list <ietf-http-wg@w3.org>
On 2015-12-03 16:33, Jacob Appelbaum wrote:
> On 12/3/15, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>> --------
>> In message
>> <CABaLYCtBcSBO_cS_4cmhe1aLh-sN6JxeheJ1RE6HMyQ97sLV3w@mail.gmail.com>
>> , Mike Belshe writes:
>>> These types of event are GREAT for everyone [...]
>> Speak for yourself Mike.
>> No, this not great for anybody.
>> You cannot fix political problems with technological hacks
> Nor can you fix it with political cowardice and security nihilism!
> As has already been said in the thread: The technological changes
> bring the political problems into a visible space. That gives us room
> to change them in some societies and in other societies, we at least
> know this small part of the overall score.

Most people don't care about security in most circumstances, especially 
if they're just browsing the public internet or checking the weather.

What exactly do you gain by preventing access through forced encryption?

Why should I be denied access to public information?

(Heck, why is it even legal for US government to require mandatory 
encryption on all parts of federal websites like ftc.gov and fcc.gov?)

How is the mandatory TLS movement any different than the "dictatorship" 
regimes you claim to be fighting against?

Are people who are unable to access resources merely collateral damage?

Received on Friday, 4 December 2015 12:44:55 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:11:40 UTC