ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Proposed Statement on "HTTPS everywhere for the IETF"

2015-06-01 15:58:27
from [Phillip Hallam-Baker] [Permanent Link] 
On Mon, Jun 1, 2015 at 4:15 PM, Brian E Carpenter <
brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:


Hi,

I think this is reasonable. However, it seems necessary to qualify it
by pointing out that users of HTTPS remain exposed to traffic analysis
(e.g. see https://arxiv.org/pdf/1403.0297).



Agreed.

But I would add a note to say that blocking traffic analysis is something
that requires link layer encryption. I don't think we can do much to
prevent that type of attack in IETF but we could stir IEEE to do something
useful.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Stephen Farrell
Next by Date:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Nico Williams
Previous by Thread:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Stephen Farrell
Next by Thread:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Nico Williams
Indexes:  [Date] [Thread] [Top] [All Lists]