On Mon, Jul 30, 2012 at 11:28 PM, Yoav Nir <ynir@checkpoint.com> wrote:
> Disagree. belshe.com is just somebody's blog. It's not financial
> information, there are no privacy issues, no medical data, no potentially
> embarrassing association with sexual minorities. Why would you want to spend
> any resources securing that?

Excuse me, what exactly do you know about my sexual preferences or Mike
Belshe’s and why are you so sure that we might not want to discuss them
without accidentally putting our readers in a place where the Basiji come
knocking at the door?

This is why it’s reasonable to think it important that privacy be the
default. Because if it isn’t, then turning privacy on is a powerful
signal to the Men In The Middle to start watching.

It’s unfortunate that you find association with minorities embarrassing.

-T

>
> And securing that has costs. There's extra CPU (although I guess the
> smallest server you can buy can handle your site both with and without SSL),
> there's the cost of certificates, there's the administrative effort in
> getting and deploying the certificates, and there's the loss of caching
> ability all over the Internet.
>
> Sure, my bank, my HMO and mail.google.com need to have encryption. Yes, as
> long as HTTP without S exists, browsers can be tricked into doing this
> unencrypted. But why should you and Tim bear the cost of securing those
> banking sites? Let them use HSTS or some future DNS-based strict transport
> security.
>
> Yoav
>
>