Re: ietf.org unaccessible for Tor users

I fully agree that we ought enable people to access the IETF
site via Tor. That is entirely consistent with [1] (as is
still allowing plaintext, so let's not re-do that discussion:-)
Actually, I'd say that making life harder for people who
choose to use Tor is inconsistent with the spirit of [1]
unless there's some very good reason for that, e.g. if it
put other folks access to the IETF site at significant risk.
I don't think that last is the case.

As Jari said there're some folks who're looking at this so
I'd suggest we give 'em a bit of time to figure stuff out.
If someone feels that's taking too long, feel free to ping
me and I'll hassle whoever is the stuckee at that point and
report back.

Cheers,
S.

PS: I just installed TBB on a machine and didn't see any
captcha. That may mean that it's exit node specific I guess.

[1] https://www.ietf.org/iesg/statement/maximizing-encrypted-access.html

On 15/03/16 10:38, Paul Wouters wrote:
> Because some users under scrutiny of some nation states deem they need to use 
> tor for their privacy and safety for all their browsing. It would be 
> extremely dangerous to continuously switch tor off and on.
>
> Note we are not talking about ietf being available as a hidden service, just 
> that tor exit node IPs visiting the ietf sites do not require JavaScript - 
> the latter compromises tor security for the user in general.
>
> Sent from my iPhone
>
> > On Mar 15, 2016, at 10:14, Eliot Lear <lear(_at_)cisco(_dot_)com> wrote:
> >
> >
> >
> > > On 3/15/16 9:20 AM, Jari Arkko wrote:
> > > I don’t have a solution, but I wanted to say that I feel the pain.
> > >
> > > It is important that IETF documents are accessible via Tor.
> > I'll bite: why is it important that IETF documents be accessible via Tor?
> >
> > Eliot

smime.p7s
Description: S/MIME Cryptographic Signature