On 06 Nov 2013, at 21:42, Ted Lemon <Ted(_dot_)Lemon(_at_)nominum(_dot_)com>
wrote:
For privacy, though, STASI*) should not be able to find out that I’m
retrieving RFC 1984 so that they can't identify me as a long-haired
bomb-throwing leftist (or whatever retrieving RFC 1984 makes you in their
minds).
If you want encryption, definitely you should be able to get it, and indeed
with ietf.org, you can.
No, I want privacy, and all my right-thinking crew-cut friends are using
http://ietf.org, so I still stand out for STASI when I’m using https://ietf.org.
The whole debate is not so much about whether privacy is really needed for
accessing the IETF site (not really that much) but about whether we want to
lead by example. I think we want to expose the browsable parts of the site
such as the front page by https only, but keep tools access for constructible
URIs such as http://tools.ietf.org/id/{draft-name}. And rsync of course. FTP
is legacy anyways.
Grüße, Carsten