[HTTPS-Everywhere] SSL Observatory with HTTPS Finder-like discovery?
Kevin Jacobs
kevin.a.jacobs at hotmail.com
Fri Sep 23 13:47:35 PDT 2011
Hi all -
I like what you are doing with adding the SSL Observatory reporting to HTTPS Everywhere. I’m the developer for HTTPS Finder, and wanted to run an idea past any interested parties.
With HTTPS Everywhere 2.0, it looks like a user must visit some https:// page in order for the certificate to be collected and reported to the Observatory.
If the user has HTTPS Finder installed (with “auto-forward to HTTPS” enabled), this results in more https:// page connections, and therefore more data reported to the SSL Observatory.
Have you given any thought to implementing HTTPS detection, similar to HTTPS Finder? The difference is that it would be 100% background detection with no alerts, for the sole purpose of collecting more certificates (without affecting the rule-based approach of HTTPS Everywhere). It could be a separate “advanced” option in addition to “opt-in reporting” (i.e. opt-in discovery).
I think this could greatly increase the amount of data reported to the SSL Observatory. Let me know your thoughts on this – I’d be happy assist.
Regards,
Kevin Jacobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20110923/81ec3fcf/attachment.html>
More information about the HTTPS-everywhere
mailing list