No, this is a pro not a con. It is unethical for us to ship unsecure software. http without tls is fundamentally below the bar of basic, known best practices. On Nov 17, 2013 12:47 AM, "Robert Collins" <robertc@squid-cache.org> wrote: > C5.2 It’s unethical to insert encryption into people’s connections > without their consent. > This has an inverse: > P3 : It's unethical to have presumed-private conversations not be > > Arguably to P1 (protection) : this is about expectations of users. > > -Rob > > On 17 November 2013 14:03, Tim Bray <tbray@textuality.com> wrote: > > There has been a *whole lot* of traffic on this subject. It’s > fascinating > > that the meeting of minds is so difficult, and any possibility of that > > happening is made more difficult by the discussion skewing back and forth > > across the road. > > > > To help sort things out in my own mind, I just went and read the last few > > hundred messages and attempted to curate the pervasive/mandatory > encryption > > arguments, pro and contra. It’s in a Google doc that’s open to comment > by > > anyone: http://goo.gl/6yhpC1 Hm, is there a handy wiki platform > somewhere > > that can stand up to the pressure? > > > > I don’t know if trying to organize the talking points is generally > useful, > > but I sure found it personally useful; maybe others will too. > > > > Disclosure: I remain pretty strongly in favor of as much mandatory > > encryption as we can get, so that may have filtered my expression of the > > issues. I've version-stamped this: 2013/11/16, and promise not to > change it > > in case people comment on it. > >Received on Sunday, 17 November 2013 15:47:22 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:38 UTC