[Cryptography] HTTP should be deprecated.

Eric Mill eric at konklone.com
Mon Nov 4 14:01:15 EST 2013


I'm very pro-HTTPS for as many places as possible, switched to use it on my
own site, and documented how to do
it<https://konklone.com/post/switch-to-https-now-for-free> in
detail.

But I'm also very pro-"it should be easy to publish things on the
Internet", and key management *is* a pain in the ass. Requiring it
Internet-wide would raise the barrier for people new to web publishing to
get started, and/or make more people just use a *.wordpress.com or *.
whatever.com domain, rather than bother getting their own.

Instead, we should establish very clear norms about HTTPS for services and
web applications of all kinds. If you have the ability to add HTTPS
support, you should, and the mandate is especially clear for hosting
services.

For example, one glaring gap for me is Github Pages. It's impossible to use
HTTPS if you host something via Github Pages, whether or not you use your
own domain name (unless you do something expensive like put CloudFront in
front of it).

Caching with HTTPS is a problem. One source of reluctance for major
platforms to support HTTPS is because CDNs like Akamai raise their prices
drastically if you want HTTPS. That's a major market force that guides the
decision companies make, and it's one we should commit ourselves to
changing.


On Mon, Nov 4, 2013 at 12:28 PM, Peter Saint-Andre <stpeter at stpeter.im>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/4/13 7:50 AM, Greg wrote:
> > Could someone please forward this message to the Elders of the
> > Internet??
> >
> > It's time to make encryption mandatory in all communication
> > protocols.
>
> Some of us are working on that for some protocols:
>
> https://github.com/stpeter/manifesto
>
> Peter
>
> - --
> Peter Saint-Andre
> https://stpeter.im/
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJSd9lbAAoJEOoGpJErxa2pzhIP/iAdZkNEdgWRrt9N/7Tc06IK
> 3U9zDSzve6BglycwKsCmB8e9+dOuXjw383PiiydbiMDkmUOj7uvkiI069TImfk4E
> Q49WKlBX3rNeqSuk3OAE4CgsnQLxxKns52q4TqfunsDgQS4EJL0xb6VH/O62JxFO
> vjX6N0l6XYS/VnjJJi4jsqAsFjwsx0sVHP30bpvNNqTr511RRSdIa3udUE3CY8mP
> Hf/8V6x6kLQENXgW4lYNyLMG3r4Q3/BkHkurLuw33jdCxNu6Wx4RB5xFPCWKFQyS
> XgrYUBDRfVFHB0OqiukFE0uBqVvuTB9UH47zZiFuN3GM55UJ4TE8gks4W2v7Ku/n
> vby+u/vToqZGGLJYwd2AzyfUag629KhnCbMJ1arp+fd5hMx5O3mbvzB7sJu92Suj
> ZYB3LIkWUc/F5EJXCZN73HhxiyFbkWi5kVfPLkd5UybpI9CNd9Kglh00TBryZ5Ws
> dGF/cOuwtWVOoNn5VeJDFm9MRbDnICwkpguuIdWCZGC8e30A7e4cuR3OFrNVkkfg
> 2ZmFaiVPN93aKeWiXclCkdTwxCXHoRByfSO89Z6QHDhQqbSQ6WMKaidPPbphGyjl
> yyPUG3EsleZQBWdSic+5dgV4TIu2EMzY9IAYGuuNZruFRvr/ZUDnNosIbdg3UnXH
> yNFG+7eTIcVkax5Riqgz
> =S+19
> -----END PGP SIGNATURE-----
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>



-- 
konklone.com | @konklone <https://twitter.com/konklone>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131104/01f5a64f/attachment.html>


More information about the cryptography mailing list