It is a fact of deployment, however. We can wish honey dreams all day and night long of a web where deploying plaintext works (yes, ignoring the pervasive multi-party surveillance), but it does little to change reality where it does NOT work reliably. -=R On Nov 14, 2013 8:49 AM, "James M Snell" <jasnell@gmail.com> wrote: > On Thu, Nov 14, 2013 at 10:40 AM, Julian Reschke <julian.reschke@gmx.de> > wrote: > > On 2013-11-14 18:49, Roberto Peon wrote: > >> > >> There is a means of opting out, however, which exists and is widely > >> deployed: http1 > > > > > > And the WG has a mandate to develop a replacement for 1.1, called 2.0. > If we > > do not indent to develop that protocol anymore, we should re-charter. > > > > Very emphatic +1. So far the general sentiment of those pushing for > TLS-only seems to be "If you don't want to be forced to use TLS, > tough, you don't get to play with us then". That's not going to work. > > - James > > > > >> There was near unanimity at the plenary that we should do something > >> about pervasive monitoring, and while I don't believe that there were > >> any actuonable , unambiguous dieectuves , the spirit of the room was > >> quite clear. The IETF intends to attempt to do something about this. > > > > > > Yes. What we disagree on what that means for HTTP: URIs. > > > >> ... > > > > > > Best regards, Julian > > >
Received on Thursday, 14 November 2013 20:22:22 UTC