[HTTPS-Everywhere] what does HTTPS-Everywhere consider a "valid" X.509 certificate? [was: Re: Custom rules]
Eitan Adler
lists at eitanadler.com
Sat Oct 16 11:38:18 PDT 2010
On Sat, Oct 16, 2010 at 2:32 PM, Chris Palmer <chris at noncombatant.org> wrote:
> Seth Schoen writes:
>
>> I think you're misunderstanding. I think the proposal is simply to
>> have a way to segregate rules by _whether they trigger a warning_ in
>> a vanilla Firefox install. By default, only rules that do not
>> trigger a warning would be turned on.
>
> Oh, I see. Sorry about that, Mike and all.
>
> Why should HTTPS Everywhere have any interaction at all with Firefox'
> certificate acceptance policy, whatever it is by default and whatever it is
> after user reconfiguration)? Shouldn't the two pieces be orthogonal?
1) One thing to point out is that any encryption is better than none.
The only reason I see to disable these rules by default is because the
warnings scare the end user. It would be very helpful to have an
option to allow the rewrite rules to work for all websites - even if
they generate warnings.
2) Is there some API for dynamically checking whether a site will
generate a warning? That would avoid the need keep such data in the
rewrite rules.
--
Eitan Adler
More information about the HTTPS-everywhere
mailing list