On Dec 6, 2013, at 10:53 AM, Bruce Perens <[email protected]> wrote: >> >> >> > You can opt out of the Concealment Society if you want to. But please >> > don't force me to stay within the Surveillance Society. > This will be just fine if it's true. How do I opt out of the Concealment > Society if browsers and servers implement HTTP 2.0 as proposed, eventually > dropping support for HTTP 1, and neither the browser or server have an > in-the-clear mode? > > That's really all this discussion is about. Not any advisory to run https > preferentially, but the fact that http isn't being left in the standard.
Include a checkbox in the browser saying "Fuck it all, show my data to the world" which broadcasts the session key in the clear. And see how many people click on it... Unencrypted traffic is a vulnerability. Failing to close a vulnerability that is going to be exploited by every nation on the planet but your own is lunacy. -- Nicholas Weaver it is a tale, told by an idiot, [email protected] full of sound and fury, 510-666-2903 .signifying nothing PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
