[ALUG] Mozilla will obsolete HTTP

Richard Manyanza 1.liseki at gmail.com
Mon May 4 20:53:08 EAT 2015


Andreas, Alan, Tim and Miku this has been very cool and enlightening, thank
you!

Miku, on you and Andreas doing a session on this: brilliant, please let's
make that happen. We can plan a session through our Arusha Tech Forum or
perhaps Arusha Coders. June, July? I know a little eager here :)

Lastly, I agree Miku, I think we have to save the political for another day.

On Mon, May 4, 2015 at 8:04 PM, Tim Schofield via Linux <
linux at lists.habari.co.tz> wrote:

> Hi Miku, I would just like to emphasise that I am not in any way
> against security, and the more that smart guys such as yourself and
> Andreas can do to educate people on it then the better as far as I am
> concerned.
>
> What I am against is Mozilla/Google et al forcing that on people
> rather than educating them. It goes against everything I believe the
> web should stand for.
>
> Tim
>
> On 4 May 2015 at 17:15, Miku, E. Cornelius via Linux
> <linux at lists.habari.co.tz> wrote:
> > Interesting discussion, good going guys.
> >
> > I think Security is as much technical as it is political.
> >
> > The main discussion here is Securing HTTP traffic, and from my technical
> > point of view the best way to do that is from the source(server side),
> that
> > means it's a web/host master's job.
> >
> > But what if this person doesn't really know what they are doing? Let's
> agree
> > of the qualities the Internet should have Safety[1] is a major one. And
> for
> > it to prosper there must standards and a way to make sure they are
> followed.
> >
> > Mozilla's and Google's approach is similar to how email currently
> operates.
> > The postmaster(who knows what they're doing) can easily control/force
> users
> > to use SSL/TLS OR set parameters to delay/reject/etc emails from
> > misconfigured servers. But with HTTP the only way of forcing the
> webmaster's
> > hand is from the client(the browser).
> > As long as the standards these browsers are enforcing are the same
> standards
> > developed by the Internet community through public consensus.
> >
> > [1] The Safety in mind here is the kind of safety that not anyone you
> pissed
> > off can Google a tutorial and easily compromise your security/privacy, or
> > any kid who knows how to use Wireshark can end up causing some serious
> > damage. So at least for me I see what they are trying to do is a good
> start.
> > Safety from Governments and these 3-letter Agencies(as Richard call them)
> > that have backdoors in OpenSSL and run CAs all over the World will remain
> > political and a fight for another day, if they want to compromise your
> > privacy they can and will do it regardless. In other words you're (as
> Alan
> > put it)screwed.
> >
> > PS. I see there's a lot of interest on this subject may be we should put
> it
> > in schedule of future discussions(meets) and may be Andreas and myself
> will
> > talk about security/encryption/cryptography before it.
> >
> > Cheers,
> >
> > --
> > Miku
> >
> >
> > _______________________________________________
> > The Arusha Linux User Group: http://unix.or.tz
> > Linux mailing list
> > Linux at lists.habari.co.tz
> > http://lists.habari.co.tz/cgi-bin/mailman/listinfo/linux
> >
> > The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> > http://www.habari.co.tz/
> >
> > The above comments and data are owned by whoever posted them (including
> > attachments if any). The mailing list host is not responsible for them in
> > any way.
>
>
>
> --
> Course View Towers,
> Plot 21 Yusuf Lule Road,
> Kampala
> T   +256 (0) 312 314 418
> M +256 (0) 752 963 325
> www.weberpafrica.com
> Twitter: @TimSchofield2
> Blog: http://weberpafrica.blogspot.co.uk/
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at lists.habari.co.tz
> http://lists.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20150504/d0b56898/attachment.html>


More information about the Linux mailing list