- From: Marc Fawzi <marc.fawzi@gmail.com>
- Date: Sun, 4 Jan 2015 15:38:05 -0800
- To: "Eric J. Bowman" <eric@bisonsystems.net>
- Cc: Domenic Denicola <d@domenic.me>, Daniel Appelquist <appelquist@gmail.com>, TAG List <www-tag@w3.org>, Ian Jacobs <ij@w3.org>
- Message-ID: <CACioZitGVbs5TUuDNFHpq0vd46z1zCibm2PwZnPUrh5QY8GdYQ@mail.gmail.com>
I don't think anyone has asked Why Now? Is it because the NSA made the entire Internet security infrastructure look like swiss cheese? I can't think of any other circumstantial reason as to why this is being pushed now... Why not two years ago? We had the same problems with http back then. Why now? If it is indeed the Snowden revelations and the growing fear of surveillance on people's mind that has prompted this response on the part of the EFF, TAG/W3C and other "concerned" parties then moving to https won't put a insurmountable obstacle to any government spying on its people and people everywhere but it will definitely fool the not so savvy masses into a false sense of security, believing that https means real privacy. If there was real motivation to improve security on the web/Internet this discussion would be much bigger and much wider and would include all kinds of research efforts from academia and industry and not be so narrow minded. Please get real and look at how you're being perceived by the thousands of extremely relevant non-participants. A lot of the people whose participation would be extremely don't even wish to participate in the discussion because of how loud their bullshit detector is ringing in their ears. They can't even hear you say that anything you do will matter because the whole act is clearly theatrical in nature if you're not reaching out to top researchers and practitioners in this field and soliciting a healthy range of ideas and solutions to the problem of assuring privacy and security on the web. There should be an international conference to address the societal root causes for mass surveillance (a healthy society does not need constant monitoring) and how the web can be made stronger and more secure. In the absence of that this looks like theatrics. On Tue, Dec 30, 2014 at 7:24 PM, Eric J. Bowman <eric@bisonsystems.net> wrote: > Domenic Denicola wrote: > > > > Deploying HTTPS has no liability implications anymore than deploying > > HTTP does. > > > > My attorney disagrees, if my purpose in deploying HTTPS is privacy I > can't guarantee by deploying HTTPS. > > -Eric > >
Received on Sunday, 4 January 2015 23:39:12 UTC