On Aug 26, 2011, at 10:24 AM, Tim Bray wrote:
I'm increasingly coming to think that *everything* should be done with
TLS unless you can prove it's harmful. Call me paranoid, but given
the general state of the world, secure-by-default seems like the way
to go. -Tim
You're not alone. I think one reason this discussion suddenly flared up so
dramatically is that this is at least as much a political issue as a technical
one, and therefore not exactly the IETF's bailiwick. EFF certainly seems to
think so:
http://www.eff.org/https-everywhere
Nowadays the only reason I can see for not wanting to use any form of
encryption you can, anywhere and anytime you can, is a desire to make it easier
for governments to snoop on you. Even flawed or partial schemes can provide
some protection if deployed widely enough -- it's the same principle as
steganography, more or less. -- Nathaniel
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf