[ALUG] Mozilla will obsolete HTTP
Ismail Settenda
ismailmss at gmail.com
Mon May 4 20:52:16 EAT 2015
Nice one Miku, I like...!
Let's have the security talk soon.
Rgds
--
Ismail
P. S. Please excuse any errors or omissions as this email has been sent on
the xoom.
On May 4, 2015 7:15 PM, "Miku, E. Cornelius via Linux" <
linux at lists.habari.co.tz> wrote:
> Interesting discussion, good going guys.
>
> I think Security is as much technical as it is political.
>
> The main discussion here is Securing HTTP traffic, and from my technical
> point of view the best way to do that is from the source(server side), that
> means it's a web/host master's job.
>
> But what if this person doesn't really know what they are doing? Let's
> agree of the qualities the Internet should have Safety[1] is a major one.
> And for it to prosper there must standards and a way to make sure they are
> followed.
>
> Mozilla's and Google's approach is similar to how email currently
> operates. The postmaster(who knows what they're doing) can easily
> control/force users to use SSL/TLS OR set parameters to delay/reject/etc
> emails from misconfigured servers. But with HTTP the only way of forcing
> the webmaster's hand is from the client(the browser).
> As long as the standards these browsers are enforcing are the same
> standards developed by the Internet community through public consensus.
>
> [1] The Safety in mind here is the kind of safety that not anyone you
> pissed off can Google a tutorial and easily compromise your
> security/privacy, or any kid who knows how to use Wireshark can end up
> causing some serious damage. So at least for me I see what they are trying
> to do is a good start.
> Safety from Governments and these 3-letter Agencies(as Richard call them)
> that have backdoors in OpenSSL and run CAs all over the World will remain
> political and a fight for another day, if they want to compromise your
> privacy they can and will do it regardless. In other words you're (as Alan
> put it)screwed.
>
> PS. I see there's a lot of interest on this subject may be we should put
> it in schedule of future discussions(meets) and may be Andreas and myself
> will talk about security/encryption/cryptography before it.
>
> Cheers,
>
> --
> Miku
>
>
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at lists.habari.co.tz
> http://lists.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20150504/55ea923f/attachment-0001.html>
More information about the Linux
mailing list