W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: Mandatory encryption *is* theater

From: Poul-Henning Kamp <phk@phk.freebsd.dk>
Date: Sun, 25 Aug 2013 20:52:46 +0000
To: Roberto Peon <grmocg@gmail.com>
cc: Salvatore Loreto <salvatore.loreto@ericsson.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <2420.1377463966@critter.freebsd.dk>
In message <CAP+FsNenAQvhoMMNmWj_hjjV9rrZPQT92pNGXaM3Kdm0T_bu=Q@mail.gmail.com>, Roberto Peon writes:

>In any case, if you're doing the work of signing, why not just encrypt?

Because signing wouldn't force Police-states intelligence services
to break, weaken or circumvent any and all encryption, in order to
comply with the mandate they were put under, by democratically
elected politicians ?

If you make encryption mandatory in HTTP/2.0, more of your tax-money
will drain into NSA[1] ?


[1] The Guardian pegs the number at around 850.000 NSA employees
and contractors:

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
Received on Sunday, 25 August 2013 20:53:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:14 UTC