ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Proposed Statement on "HTTPS everywhere for the IETF"

2015-06-03 03:51:41
from [Xiaoyin Liu] [Permanent Link] 
Date: Tue, 2 Jun 2015 14:26:20 -0700
From: touch(_at_)isi(_dot_)edu
To: rlb(_at_)ipv(_dot_)sx
Subject: Re: Proposed Statement on "HTTPS everywhere for the IETF"
CC: ietf(_at_)ietf(_dot_)org; ietf-announce(_at_)ietf(_dot_)org



On 6/2/2015 2:19 PM, Richard Barnes wrote:



On Tue, Jun 2, 2015 at 2:59 PM, Joe Touch <touch(_at_)isi(_dot_)edu
<mailto:touch(_at_)isi(_dot_)edu>> wrote:



    On 6/2/2015 11:51 AM, Richard Barnes wrote:
    >
    >
    > On Tue, Jun 2, 2015 at 12:59 PM, Joe Touch <touch(_at_)isi(_dot_)edu 
<mailto:touch(_at_)isi(_dot_)edu>
    > <mailto:touch(_at_)isi(_dot_)edu <mailto:touch(_at_)isi(_dot_)edu>>> 
wrote:
    >
    >     On 6/1/2015 10:16 AM, Richard Barnes wrote:
    >     > Do it.  Do it boldly and fearlessly.  Make the statement and 
implement it.
    >     >
    >     ...
    >     > Don't be tied to legacy.  Anything that doesn't support HTTPS 
at this
    >     > point needs to upgrade and deserves to be broken.
    >
    >     Leaving out the have-nots - or those whose access is blocked by 
others
    >     when content cannot be scanned - isn't moving forward.
    >
    >
    > [citation-required]
    >
    > Where is this place where the entire HTTPS web is not accessible?

    http://en.wikipedia.org/wiki/Censorship_of_Wikipedia

    Search for HTTPS.


This is all that that search turns up:
"""
Chinese authorities started blocking access to the secure (https)
version of the site on 31 May 2013, although the non-secure (http)
version is still available – the latter is vulnerable to keyword
filtering allowing individual articles to be selectively blocked.
Greatfire urged Wikipedia and users to circumvent the block by using
https access to other IP addresses owned by Wikipedia.
"""

 
This information is outdated. The https version of Wikipedia is no longer 
blocked in China, but the http versions of Chinese Wikipedia, Chinese 
Wikisource, Chinese Wikinews, and Uyghur Wikipedia are blocked in China.[1] 
Actually the Wikimedia Foundation is considering forcing HTTPS for every 
Wikipedia visitors, even if the censorship of Wikipedia exists.[2]
 
[1] https://zh.wikipedia.org/wiki/Template:Wiki-accessibility-CHN (in Chinese)
[2] https://phabricator.wikimedia.org/T49832#1240760
 


If censors want to block the IETF website, they can do it with or
without HTTPS. 


But that's not what they DID.

They blocked the activity they couldn't monitor.

 
Another example is that http://www.worldcat.org/ is blocked in China, but 
https://www.worldcat.org/ is accessible.
 
So my opinion is that, in general, HTTPS is more accessible than HTTP.
 
Xiaoyin
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Found this today, Yoav Nir
Next by Date:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Stewart Bryant
Previous by Thread:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Stephen Farrell
Next by Thread:  Re: Proposed Statement on "HTTPS everywhere for the IETF", Joe Touch
Indexes:  [Date] [Thread] [Top] [All Lists]