ietf
[Top] [All Lists]

Re: Security for various IETF services

2014-04-04 18:06:55
Randall Gellens <randy(_at_)qti(_dot_)qualcomm(_dot_)com> [2014-04-03 19:00:18 
-0700]:
At 7:56 PM -0400 4/3/14, Pranesh Prakash wrote:

 However, as there are numerous legacy tools that have been
 built that require access via cleartext

 Could you please expand on this?  What kinds of legacy tools is that
statement talking about?

I have a number of tools and scripts that access IETF and RFC Editor
documents and information using HTTP and FTP.

And these tools and scripts will stop working if HTTPS or FTPS are used? Can these tools and scripts not be made to work/compile with NSS / GnuTLS / OpenSSL? Or is it just that it is easier not to deal with encryption?

Curl, wget, and even the perl-based Twitter client I use (ttytter) all work just fine with SSL, so I'm curious what tools and scripts have trouble using encryption.

--
Pranesh Prakash
Policy Director, Centre for Internet and Society
T: +91 80 40926283 | W: http://cis-india.org
-------------------
Access to Knowledge Fellow, Information Society Project, Yale Law School
M: +1 520 314 7147 | W: http://yaleisp.org
PGP ID: 0x1D5C5F07 | Twitter: https://twitter.com/pranesh_prakash



Attachment: signature.asc
Description: OpenPGP digital signature