<p dir="ltr">Without further comment, I'll call out:</p>
<p dir="ltr">* the FAQ entry on this topic: <a href="https://www.eff.org/https-everywhere/faq#amo">https://www.eff.org/https-everywhere/faq#amo</a><br>
* the extant discussion on this topic in the bug tracker: <a href="https://trac.torproject.org/projects/tor/ticket/9769">https://trac.torproject.org/projects/tor/ticket/9769</a></p>
<p dir="ltr">to help inform the discussion here.<br>
</p>
<div class="gmail_quote">On Apr 20, 2014 9:35 PM, "Dave Warren" <<a href="mailto:davew@hireahit.com">davew@hireahit.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On 2014-04-20 11:21, 810d4rk wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
We need to get HTTPS-Everywhere on firefox addons, it is hurting the project not to have it there<br>
</blockquote>
<br>
I agree. As a rule, I refuse to install extensions that don't come from the approved and authorized distribution source. HTTPS-Everywhere was a reasonable exception for me, given that it's created and distributed by the EFF.<br>

<br>
But I don't think that training users to just install an extension from anywhere is a good idea. Not that the official repositories are necessarily safe, but at least a bit of curation can keep the worst out.<br>
<br>
-- <br>
Dave Warren<br>
<a href="http://www.hireahit.com/" target="_blank">http://www.hireahit.com/</a><br>
<a href="http://ca.linkedin.com/in/davejwarren" target="_blank">http://ca.linkedin.com/in/<u></u>davejwarren</a><br>
<br>
<br>
______________________________<u></u>_________________<br>
HTTPS-Everywhere mailing list<br>
<a href="mailto:HTTPS-Everywhere@lists.eff.org" target="_blank">HTTPS-Everywhere@lists.eff.org</a><br>
<a href="https://lists.eff.org/mailman/listinfo/https-everywhere" target="_blank">https://lists.eff.org/mailman/<u></u>listinfo/https-everywhere</a><br>
</blockquote></div>