[HTTPS-Everywhere] HTTPS Everywhere 0.3.0.development.1
Peter Eckersley
pde at eff.org
Sat Nov 13 13:51:25 PST 2010
It's worth noting that in a use case like this, HTTPS Everywhere is equivalent
to HSTS:
https://secure.wikimedia.org/wikipedia/en/wiki/Strict_Transport_Security
On Fri, Nov 12, 2010 at 06:01:27PM -0500, Daniel Kahn Gillmor wrote:
> On 11/12/2010 05:49 PM, Robert wrote:
> > On 12 November 2010 20:04, Peter Eckersley <pde at eff.org> wrote:
> >> - Github
> >
> > Given that Github forces https on their end is there an actual need to
> > include this rule, [or those for other sites that only allow https]?
>
> yes, we still need https-everywhere.
>
> http://www.thoughtcrime.org/software/sslstrip/
>
> Regards,
>
> --dkg
>
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the HTTPS-everywhere
mailing list