[HTTPS-E Rulesets] Firefox 83 HTTPS-Only Mode

Andrew C Aitchison eff at aitchison.me.uk
Mon Dec 7 14:07:52 PST 2020 

On Mon, 7 Dec 2020, Ian Stapleton Cordasco wrote:

> I don't understand your concern. Are you worries that this project will
> become obsolete?

I guess my worry is that what is built into firefox will be good enough
that the https-everywhere plugin will die, but without having all the 
features and advantages of the plugin.

Or are you saying that the new mozilla feature is based on the EFF's 
work and includes all relevant functionality and useability, including the
community-curated site-specific rules ?

> As a maintainer of software, my hope is that it always becomes obsolete.

[ Is that a general or a specific statement ?
   If my software is solving a problem, I don't mind if the problem
   goes away, but I do "object" if people move to an inferior solution.
   If the need continues, I want my tool to continue to satisfy it at
   least until a better one comes along.                                ]

> I don't understand why this feature is a bad thing

One example of my fear is that when Microsoft added a simple grammar 
checker to Word, use of a much better existing product died away and 
then there was no incentive for Microsoft to improve their tool.

> On Sun, Dec 6, 2020, 10:16 Andrew C Aitchison via HTTPS-Everywhere-Rules <
> https-everywhere-rules at lists.eff.org> wrote:
>
>>
>> I see from
>>
>> https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/
>>
>> Mozilla is pleased to introduce HTTPS-Only Mode, a brand-new security
>> feature available in Firefox 83. When you enable HTTPS-Only Mode:
>>     Firefox attempts to establish fully secure connections to every
>> website, and
>>     Firefox asks for your permission before connecting to a website
>>           that doesn't support secure connections.
>>
>> https://www.eff.org/deeplinks/2020/11/10-years-https-everywhere
>> considers this a good move, but have you more to say about it,
>> especially how we can ensure that this does not damage https-everywhere's
>> community-curated list of rules for particular sites ?
>>
>> Thanks,

-- 
Andrew C. Aitchison					Kendal, UK
 			andrew at aitchison.me.uk

More information about the HTTPS-Everywhere-Rules mailing list