On 04/09/13 05:38, Terry Chay wrote:
> This part of the discussion has strayed a bit far from the politics
> of encryption. ;-)
> Not that it doesn't have value, but if I can bring it back on-topic
> for a moment…
> The gist of the HTTPS issues is that it's simply not an engineering
> discussion, it's a political one.

Yes, obviously, hence the subject line.

> It's important to outline what our choices are and
> the consequences of those choices, and derive consensus on what the
> right choice is going forward, as it is clear what we have now[1]
> is a temporary band-aid.[2]

I don't think it is clear. We have a variety of options open to us, on
a spectrum of appeasement versus protest. From the former to the
latter, we have:

1. Make ourselves subject to Chinese law and do what they tell us to
(i.e. open a datacentre in China).
2. Use a technical setup which implicitly cooperates with their
existing system for censorship of foreign content (i.e. use
unencrypted HTTP).
3. Use a technical setup which is inherently incompatible with the
existing system of censorship, thus forcing the Chinese government to
block us (i.e. use HTTPS).

I don't see option 2 as a band-aid, I see it as a moderate path
between appeasement and protest, which allows us to remain popular in
China without explicitly supporting censorship, with minimal risk to
our staff. Of course, it has its down sides.

None of the three options are without risk to our users. Probably the
most risky for our users is option 3, which encourages users to
circumvent censorship, in violation of Chinese law. It turns our users
into activists.

There's nothing inherently wrong with activism, but I think we have an
ethical responsibility to be fully aware of the risks we are
encouraging our users to take, and also to understand the benefits
which are likely to come from successful activism, so that we can
decide whether the action we are inciting is rational and prudent.

-- Tim Starling

Wikimedia-l mailing list
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 

Reply via email to