Hiya,
On 01/06/15 21:15, Brian E Carpenter wrote:
Hi,
I think this is reasonable. However, it seems necessary to qualify it
by pointing out that users of HTTPS remain exposed to traffic analysis
(e.g. see https://arxiv.org/pdf/1403.0297).
Good point. We can add something to that effect I think.
Cheers,
S.
Brian
On 02/06/2015 04:43, The IESG wrote:
Hi All,
The IESG are planning to agree an IESG statement on "HTTPS Everywhere
for the IETF," please see [1] for the current text.
We are seeking community feedback on this and welcome assistance
from the community in identifying any cases where a change or
additional guidance is needed to put this into effect.
The IESG plans to finalise this statement just after IETF-93 in Prague.
* Please send general feedback intended for discussion to
ietf(_at_)ietf(_dot_)org
* Comments about specific issues arising can be sent to
iesg(_at_)ietf(_dot_)org
or tools-discuss(_at_)ietf(_dot_)org as appropriate (use
iesg(_at_)ietf(_dot_)org if not sure)
Regards,
Terry & Stephen (for the IESG)
[1] https://trac.tools.ietf.org/group/iesg/trac/wiki/HttpsEverywhere
.