I'm Brett Slatkin and this is where I write about programming and related topics. You can contact me here or view my projects.

05 January 2014

Mark Nottingham (committee chair) on the decision to not require encryption in the HTTP/2.0 standard.

For better or worse, though, the IETF does not get to define the world that our protocols are used in. We cannot require that companies don’t monitor employee behaviour, or that countries don’t watch and curb what people do. We cannot and should not try to force people — whether they be browser users, web site operators, or the network administrators in between them — to do things against their will, because in reality we can’t; all we’d do is encourage people to stay on HTTP/1.1, or develop yet other competing protocols, or subvert the existing protocols in yet new and more damaging ways.

What we can do, however, is provide the flexibility and precision in the protocol to allow this discussion, this push and pull amongst the stakeholders — end users, web servers and the networks in between them — to play out.

He refers to this contention as "the Tussle" from this paper (2005). I can't believe I've never heard of this!

This paper explores one important reality that surrounds the Internet today: different stakeholders that are part of the Internet milieu have interests that may be adverse to each other, and these parties each vie to favor their particular interests. We call this process "the tussle." Our position is that accommodating this tussle is crucial to the evolution of the network’s technical architecture.
© 2009-2024 Brett Slatkin