User talk:Rillian: Difference between revisions
Jump to navigation
Jump to search
(remove link spam) |
Martin.leese (talk | contribs) (→https: "Yeah, you use encryption, it is a red flag, which is why we should all use it if we don't have to.") |
||
(5 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
== Thanks == | |||
Thanks for correcting my spelling mistakes. (I cannot get Opera's spell checker working anymore. No idea why.) | |||
== https == | |||
You converted a load of links on [[OggOpusImplementation]] from "http:" to "https:". Why? These all look like public web pages (so would not be restricted to HTTP Secure), and the few I tried worked fine using non-secure HTTP. (If you wish to respond, please do so here.) [[User:Martin.leese|Martin Leese]] 06:59, 24 January 2014 (PST) | |||
: This change was motivated by the decision at the [[https://www.ietf.org/proceedings/88/minutes/minutes-88-iab-techplenary IETF 88 Technical Plenary]] to treat surveillance as an attack and address it in that body's work. Using https links improves reader privacy and therefore is preferable when it is available. This had also become Xiph.Org policy since the draft was initially written. | |||
: You are correct that the linked resources are generally also available over http. Did you have trouble accessing the draft references over https? | |||
:: Thanks for the link to the IETF doc; most interesting. Using https:, instead of http:, does not hide the fact that you have visited a particular page; only the content is encrypted, not the metadata. And, where the content is public, it could be argued that such indiscriminant use of https: doesn't achieve anything. However, as Bruce Schneier said, "Yeah, you use encryption, it is a red flag, which is why we should all use it if we don't have to." | |||
:: No, I had no trouble with access using https: (and I use Windows 95!). [[User:Martin.leese|Martin Leese]] 09:04, 28 January 2014 (PST) |
Latest revision as of 09:04, 28 January 2014
Thanks
Thanks for correcting my spelling mistakes. (I cannot get Opera's spell checker working anymore. No idea why.)
https
You converted a load of links on OggOpusImplementation from "http:" to "https:". Why? These all look like public web pages (so would not be restricted to HTTP Secure), and the few I tried worked fine using non-secure HTTP. (If you wish to respond, please do so here.) Martin Leese 06:59, 24 January 2014 (PST)
- This change was motivated by the decision at the [IETF 88 Technical Plenary] to treat surveillance as an attack and address it in that body's work. Using https links improves reader privacy and therefore is preferable when it is available. This had also become Xiph.Org policy since the draft was initially written.
- You are correct that the linked resources are generally also available over http. Did you have trouble accessing the draft references over https?
- Thanks for the link to the IETF doc; most interesting. Using https:, instead of http:, does not hide the fact that you have visited a particular page; only the content is encrypted, not the metadata. And, where the content is public, it could be argued that such indiscriminant use of https: doesn't achieve anything. However, as Bruce Schneier said, "Yeah, you use encryption, it is a red flag, which is why we should all use it if we don't have to."
- No, I had no trouble with access using https: (and I use Windows 95!). Martin Leese 09:04, 28 January 2014 (PST)