Here I agree. [The value of discourse]
1. We already offer https, so if you want to go https, you can.
2. We should figure out a way of signing (and doing the appropriate PKI)
documents. The fact we think we cannot says we basically say NO ONE can trust
the Internet. I am willing to believe S/MIME with a known set of roots is a
start.
Do we really believe #2 is not a solvable problem? If it is not solvable (or
solved), we are totally hosed.
On Nov 6, 2013, at 10:01 AM, ned+ietf(_at_)mauve(_dot_)mrochek(_dot_)com wrote:
Allowing HTTPS, on the other hand, does not. Unfortunately, because of the
nature of HTTP/HTTPS, we cannot perform opportunistic encryption in the
same way as with the mail and XMPP services we use.
Perhaps that is a problem that deserves further attention.
Ned
smime.p7s
Description: S/MIME cryptographic signature