Re: https

On Aug 26, 2011, at 10:24 AM, Tim Bray wrote:

I'm increasingly coming to think that *everything* should be done with
TLS unless you can prove it's harmful.  Call me paranoid, but given
the general state of the world, secure-by-default seems like the way
to go.  -Tim


You're not alone.  I think one reason this discussion suddenly flared up so 
dramatically is that this is at least as much a political issue as a technical 
one, and therefore not exactly the IETF's bailiwick.  EFF certainly seems to 
think so:

        http://www.eff.org/https-everywhere

Nowadays the only reason I can see for not wanting to use any form of 
encryption you can, anywhere and anytime you can, is a desire to make it easier 
for governments to snoop on you.  Even flawed or partial schemes can provide 
some protection if deployed widely enough -- it's the same principle as 
steganography, more or less.  -- Nathaniel

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]	Current Thread	[Next in Thread>
Re: https, (continued) Re: https, Adam Novak Re: https, Hector Santos Re: https, Glen Zorn Re: https, t.petch Re: https, t.petch Re: https, Glen Zorn Re: https, ned+ietf Re: https, Dave CROCKER Re: https, Melinda Shore Re: https, Tim Bray Re: https, Nathaniel Borenstein <= Re: https, ned+ietf Re: https, Melinda Shore Re: https, ned+ietf Re: https, Iljitsch van Beijnum Re: https, Scott Schmit Re: https, Eric Burger Re: https, Thomas Narten Re: https, Joel jaeggli Re: https, t.petch Re: https, Doug Barton