ietf
[Top] [All Lists]

Re: https at ietf.org

2013-11-07 00:38:20
On 06 Nov 2013, at 21:42, Ted Lemon <Ted(_dot_)Lemon(_at_)nominum(_dot_)com> 
wrote:

For privacy, though, STASI*) should not be able to find out that I’m 
retrieving RFC 1984 so that they can't identify me as a long-haired 
bomb-throwing leftist (or whatever retrieving RFC 1984 makes you in their 
minds).

If you want encryption, definitely you should be able to get it, and indeed 
with ietf.org, you can.

No, I want privacy, and all my right-thinking crew-cut friends are using 
http://ietf.org, so I still stand out for STASI when I’m using https://ietf.org.

The whole debate is not so much about whether privacy is really needed for 
accessing the IETF site (not really that much) but about whether we want to 
lead by example.  I think we want to expose the browsable parts of the site 
such as the front page by https only, but keep tools access for constructible 
URIs such as http://tools.ietf.org/id/{draft-name}.  And rsync of course.  FTP 
is legacy anyways.

Grüße, Carsten


<Prev in Thread] Current Thread [Next in Thread>