[joshstrange]

UPDATE/CLARIFICATION: The author DID NOT say people don't deserve privacy, he said "there are people who do not have a right to privacy" I misread that when he really meant that LEGALLY they do not have a right, not that he personally believed this. I would like to apologize for misrepresenting the author's intent.

I'll start by saying I don't agree that some people don't deserve privacy. I just can't get behind that in literally any form. More and more computers and what we store on them are an extension of our minds. By this logic you are more or less reading my thoughts by knowing what I doing online (I could write a whole paper on this).

That said kudos to the author of varnish for actually coming out and explaining why he feels this way. Too often there is no insight into why something was done a certain why (or why it wasn't done at all) and anything that sheds light on that is a good in my book. I understand and agree with where he is coming from in relation to it adding attack surface, complicating the code, and tying him up from working on other things. Those are all legit reasons coupled with the fact that this you can just use something like HAProxy or Pound in front of varnish.

For me nginx caching is good enough for my personal use and at work we are not to the point that using varnish would provide big enough gains to offset the time to implement it (we are SSL-only). That said I will continue to keep my eye on varnish because I have used it before and quite liked it.

[phkamp]

Let me just make absolutely clear: It's not my opinion that certain people don't deserve privacy, it is the law of the land, duly enacted and ratified by legitimate governments.

If you want to change that, vote.

[joshstrange]

Apologies, the line:

> The next big issue is that there are people who do not have a right to privacy. In many countries this includes children, prisoners, stock-traders, flight-controllers, first responders and so on.

and a comment in this thread

> And I fundamentally disagree with the premise that there are people who do not deserve privacy. I can not think of a single person I would wish complete exposure of their lives upon. (https://news.ycombinator.com/item?id=9454402)

caused me to misinterpret that. Do not have a right != Do not deserve. I am very sorry that I implied something that is not true. I am editing my original post to clarify this.

[viraptor]

What does that mean then?

> But one of the biggest problem I have with SSL Everywhere is that it gives privacy to the actors I think deserve it the least.

Some deserve privacy more than others? How does that work?

[phkamp]

How many mentions do companies get in national constitutions ?

They're not mentioned one single time in the US or the Danish Constitutions, yet, both countries they more or less run government now.

UN's human rights don't mention them either.

Companies have no claim to human rights, like privacy, because they are not humans.

And if you think all humans, no matter what, should have a universal, unabbridgable right to privacy: Vote in your elections, and if nobody is worthy of your vote, get yourself elected instead.

But right now there are fully valid laws that says certain classes of humans do not get privacy, and the government which enacted those laws are legit, elected and have every right to enforce their laws.

[viraptor]

I get that at the moment some don't get privacy. I meant the "deserve it the least" part. It seems to contradict "It's not my opinion that certain people don't deserve privacy".

I don't think deserving privacy has a scale. I understand your "deserve least" as "I'd rather they didn't have privacy". Feel free to correct me.