- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Mon, 26 Aug 2013 05:40:29 +0000
- To: Mark Nottingham <mnot@mnot.net>
- cc: "William Chan (???)" <willchan@chromium.org>, Eliot Lear <lear@cisco.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
In message <F6C3F3AF-38FB-4423-A6C0-4541D4BC311D@mnot.net>, Mark Nottingham writes: >We have a lot of things to discuss around what that profile looks like; >e.g., whether cert validation should take place. Well, wouldn't a good place to start be to agree what this encryption is supposed to protect and from whom it protects it ? Is it protecting against Samuel B. Hacker with his tcpdump(8) ? Is it preventing Wile E. Telco from injecting ads ? Is it keeping your bits safe from NSA and their almost-trillion dollar budget ? Is it keeping your identity safe from NSA and their almost-trillion dollar budget ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Monday, 26 August 2013 05:40:52 UTC