
Re: myth(?): places in the world where https is illegal? Re: people.debian.org will move from ravel to paradis and become HTTPS only



On Mon, Jul 21, 2014, at 13:12, Holger Levsen wrote:
> Hi Iain,
> 
> On Sonntag, 20. Juli 2014, Iain R. Learmonth wrote:
> > The main one is that there are places in the world you just can't use HTTPS 
> > for legal reasons [...]
> 
> I'm curious, can you name one?

http://en.wikipedia.org/wiki/Restrictions_on_the_import_of_cryptography

And http://www.cryptolaw.org/cls2.htm

The usual suspects:

Belarus, Iran, Saudi Arabia (and I guess North Korea, but the use of
crypto is probably OK if you are allowed to use a computer and connect
to outside of the world anyway...)

But again this should not be a reason to not deploy encryption
everywhere.

The current problem with HTTPS is that it bundles encryption with
authenticity. This needs to be unbundled[1]. My opinion is that even a
transparent opportunistic encryption (e.g. like the DANE implementation
in postfix) would improve the overall state of security.

1. I must admit that I haven't been able to monitor httpbis progress on
this topic.

Ondrej
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server

