Re: HTTP2 Expression of Interest from James M Snell on 2012-07-17 (ietf-http-wg@w3.org from July to September 2012)

From: James M Snell <jasnell@gmail.com>
Date: Tue, 17 Jul 2012 15:53:38 -0700
To: Tim Bray <tbray@textuality.com>
Cc: Doug Beaver <doug@fb.com>, Willy Tarreau <w@1wt.eu>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <CABP7Rbc5fPAz+F2zyRchsFKBP-QnfoVLT8WADte4GSDUOx3jJA@mail.gmail.com>

Mandatory end-to-end encryption does not make sense. There are countless
scenarios where TLS just isn't necessary. Yes, we can do a better job but
forcing it to be used in scenarios where there is no PII at risk is just
pointless.

- James

On Tue, Jul 17, 2012 at 3:31 PM, Tim Bray <tbray@textuality.com> wrote:

> Pulling a really important paragraph out of Doug’s (long) posting, in
> the hope that more people will thus read it.
>
> On Tue, Jul 17, 2012 at 3:11 PM, Doug Beaver <doug@fb.com> wrote:
>
> > I think all those positions can be valid. I just happen to think that
> even
> > given all the above, it is still better to mandate encryption and give
> better
> > privacy to Internet users than it is to punt the ball down the field
> another
> > twenty years.
>
> What he said. -T
>
>

Received on Tuesday, 17 July 2012 22:54:26 UTC