[HTTPS-Everywhere] Stupid Perl Tricks: ssl_check2.pl

Peter Eckersley pde at eff.org
Sun Nov 7 23:47:21 PST 2010


On Mon, Nov 08, 2010 at 01:50:16AM -0400, Flamsmark wrote:

> Many security or privacy oriented addons - like NoScript and RequestPolicy
> break sites by default. They typically come with a small whitelist of things
> that are known to safely fix some things, but leave the rest up to the user.
> I'm not saying that this is exactly the right approach for HTTPS Everywhere.
> It's possible, for instance, that you'd prefer not to rely on users to
> make those sort of security assessments. 

The design philosophy for HTTPS Everywhere was to do as well as possible with
something that the user could hopefully "install and forget".  We aren't there
yet (either in terms of security or complete forgettability) but hopefully
we're on the right track.

> However, I could certainly see the value of this approach, for the more
> sophisticated user at least. I know that I would appreciate that approach,
> even if I'm not the typical, or target user. 

NoScript and RequestPolicy are great (I personally like to use one though not
both at once), but they have a much narrower audience than I hope HTTPS
Everywhere is getting.  I would have no problems accepting patches that add
options like content-based https-probing for advanced users, if they can be
implemented well; I just don't envision that option being on by default.

A related option that I *would* consider shipping by default is to probe
HTTPS, and if we get an HSTS response, switch over to HTTPS.  But even that
would have some subtle issues, because we would have to do the probe
asynchronously (the latency costs are too high otherwise) and be able to
transition sensibly from a partially or fully loaded HTTP page, over to HTTPS.

-- 
Peter Eckersley                            pde at eff.org
Senior Staff Technologist         Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993
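As an added illustration of the HSTS-driven upgrade Peter sketches above (example code written for this page, not HTTPS Everywhere's own), the following parses the Strict-Transport-Security header from a probe response and decides whether an http:// URL may be rewritten. It assumes the probe has already completed over a valid TLS connection and that the caller hands in the response headers as a plain object with lower-cased names; `hstsCache`, `recordProbe` and `upgradeUrl` are names chosen here, not extension APIs.

```javascript
// Added example, not HTTPS Everywhere code: parse the Strict-Transport-Security
// header from a (simulated) HTTPS probe and decide whether an http:// URL may be
// rewritten to https://. HSTS received over plain HTTP must be ignored (RFC 6797).

// Parse an HSTS header value into { maxAge, includeSubDomains }, or null when the
// value is missing or malformed (max-age is mandatory; unknown directives ignored).
function parseHsts(headerValue) {
  if (typeof headerValue !== "string") return null;
  let maxAge = null, includeSubDomains = false;
  for (const raw of headerValue.split(";")) {
    const directive = raw.trim();
    if (directive === "") continue;
    const [name, value] = directive.split("=").map((s) => s.trim());
    const lname = name.toLowerCase();
    if (lname === "max-age") {
      const digits = (value || "").replace(/^"|"$/g, "");
      if (!/^\d+$/.test(digits)) return null; // malformed: treat as no policy
      if (maxAge === null) maxAge = Number(digits); // first occurrence wins
    } else if (lname === "includesubdomains") {
      includeSubDomains = true;
    }
  }
  return maxAge === null ? null : { maxAge, includeSubDomains };
}

// In-memory HSTS cache: host -> { expires (ms since epoch), includeSubDomains }.
const hstsCache = new Map();

// Record the headers (lower-cased names, constructed by the caller) returned by an
// HTTPS probe of `host`. Returns true when a live policy was stored; max-age=0
// removes any existing entry, as the RFC requires.
function recordProbe(host, headers, now = Date.now()) {
  const policy = parseHsts(headers["strict-transport-security"]);
  if (policy === null) return false;
  if (policy.maxAge === 0) { hstsCache.delete(host); return false; }
  hstsCache.set(host, { expires: now + policy.maxAge * 1000, includeSubDomains: policy.includeSubDomains });
  return true;
}

// Return the https:// form of an http:// URL when a cached, unexpired policy
// covers its host (directly, or via includeSubDomains on a parent); else null.
function upgradeUrl(urlString, now = Date.now()) {
  const url = new URL(urlString);
  if (url.protocol !== "http:") return null;
  const labels = url.hostname.split(".");
  for (let i = 0; i < labels.length; i++) {
    const entry = hstsCache.get(labels.slice(i).join("."));
    if (!entry || entry.expires <= now) continue;
    if (i === 0 || entry.includeSubDomains) { url.protocol = "https:"; return url.href; }
  }
  return null;
}
```

The asynchronous part of Peter's proposal, firing the probe without blocking the HTTP load and only then calling `recordProbe`, sits outside this snippet; the cache lookup is what makes a later rewrite cheap.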
