- From: 陈智昌 <willchan@chromium.org>
- Date: Fri, 6 Apr 2012 16:43:07 +0200
- To: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Cc: ietf-http-wg@w3.org
- Message-ID: <CAA4WUYjBegh88MFzzbt2J2oNnwaTbme6hWibHQgXxbAyasXsig@mail.gmail.com>
On Fri, Apr 6, 2012 at 4:33 PM, Nicolas Mailhot <nicolas.mailhot@laposte.net > wrote: > Amos Jeffries <squid3@...> writes: > > > IME admin are usually not that eager to do MITM on TLS. > > Yes there are all sorts of unpleasant legal risks involved > > > It is required by policy makers who just want to publish tick-box > policies > > It is required to authenticate proxy users now that popular sites are > moving to > ssl, since no one has defined a reliable way to do it without breaking tls. > > And then once the system is in place who will vouch it won't be abused for > corporate follies? > > It is *very* dangerous to make encryption an all-or-nothing proposal. That > makes > it an everyone-has-a-reason-to-break-it system, which means it *will* be > broken, > even in the cases it's perfectly justified. > > If you want to add security to browsing make *very* sure there is little > reason > for legal-abiding entities to break it, or they will finance and build the > tools > criminals will use. That means using encryption sparingly, not as a blanket > system. > This logic makes no sense to me. I disagree strongly.
Received on Friday, 6 April 2012 14:43:36 UTC