[HTTPS-Everywhere] HTTPS by default for addresses with no scheme
Drake, Brian
brian2 at drakefamily.tk
Fri Dec 24 09:40:58 PST 2010
Yes, I’m well aware of that. That’s why I said my proposed feature should be
turned off by default.
I’m particularly interested in the first part of my idea: addresses typed
into the address bar. Then I can type in http:// to override it.
Another idea is to automatically redirect any time the corresponding https
address has successfully loaded before but the http address has not.
On Wed, Dec 22, 2010 at 2246 (UTC-8), Osama Khalid <osamak at gnu.org> wrote:
> > I’m just throwing this idea out there, with no idea whether we can
> > actually do it: for addresses either typed into the address bar or
> > specified in link targets, make them HTTPS instead of HTTP by
> > default. This would really be secure by default.
>
> I just wonder how useful this can be. There is a very good reason why
> automatic redirecting won't work and I wonder if anyone will benefit.
> https://www.eff.org/https-everywhere/faq/#automatic-https
>
> --Osama Khalid[snip]
>
--
Brian Drake
Alternate (slightly less secure) e-mail: brian at drakefamily.tk
Alternate (old) e-mail: brianriab at gmail.com
Facebook profile: Profile ID
100001206642672<https://ssl.facebook.com/profile.php?id=100001206642672>
Twitter username: BrianJDrake <https://twitter.com/BrianJDrake>
Wikimedia project username:
Brianjd<https://secure.wikimedia.org/wikipedia/meta/wiki/User:Brianjd>(been
inactive for a while)
All content created by me © 2010 Brian Drake. All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20101225/3ead186d/attachment.html>
More information about the HTTPS-everywhere
mailing list