HTTPS Everywhere Firefox addon
Mike Perry
mikeperry at fscked.org
Fri May 28 23:41:08 UTC 2010
Thus spake Runa A. Sandvik (runa.sandvik at gmail.com):
> On Fri, May 28, 2010 at 4:34 AM, Mike Perry <mikeperry at fscked.org> wrote:
> > The eventual idea is to allow an Adblock Plus style model, where users
> > can submit and exchange rule files and eventually create subscriptions
> > for the sites they use that partially support SSL.
>
> Have you seen https://crypto.stanford.edu/forcehttps/ ? (I haven't
> read the paper and I don't know much about it, but it might be worth a
> look).
Yeah, this addon doesn't have a UI. It was a research implementation
of the server-specified STS protocol (and the original source of this
idea), which allows servers to specify the browser use HTTPS for
certain paths. Our code is based on the NoScript implementation of
STS, which was also amenable to creating rules.
https://secure.wikimedia.org/wikipedia/en/wiki/Strict_Transport_Security
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100528/c560134b/attachment.pgp>
More information about the tor-talk
mailing list