|
John, Of course I have sympathy for all of those who have their human rights abridged, and would not begrudge them the use of Tor, preferential https, or whatever helps. I am not sanguine that encryption is any barrier to NSA due to the ASIC issue previously discussed, but it might well be a barrier to religious extremist oppressors, etc. The problem with security is that however much you have is never enough, because there's always a new threat. And that is exactly why the United States is pursuing a continuously increasing war in whiich surveilance and odious security procedures only increase. And thus IETF will also end up on a continuously increasing war in which odious security procedures only increase, in response. The next step after encrypting every web query is locking down the browser to the "trusted platform" and insisting on identifying certificates for all users. Our various corporate totalitarians are sure to want it, it already exists on the iPhone and other DRM platforms, and will only get tighter. So, this ends with the death of the open web. At some point, we have to draw a line and say this is enough, it doesn't really protect us, it protects someone else at our expense. Where do you propose to do that? Right after _this_ change? And when the next proposal is to draw the line right after the _next_ change, and so on ad infinitum? So, I don't want to be forced onto this next security upgrade. I want to be able to intelligently decide whether I need it and when, and to control whether I use it, and when to dispense with it when it's being used for things that are not in my interest. Thanks Bruce |
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
