Thus spake Runa A. Sandvik (runa.sandvik@xxxxxxxxx): > On Fri, May 28, 2010 at 4:34 AM, Mike Perry <mikeperry@xxxxxxxxxx> wrote: > > The eventual idea is to allow an Adblock Plus style model, where users > > can submit and exchange rule files and eventually create subscriptions > > for the sites they use that partially support SSL. > > Have you seen https://crypto.stanford.edu/forcehttps/ ? (I haven't > read the paper and I don't know much about it, but it might be worth a > look). Yeah, this addon doesn't have a UI. It was a research implementation of the server-specified STS protocol (and the original source of this idea), which allows servers to specify the browser use HTTPS for certain paths. Our code is based on the NoScript implementation of STS, which was also amenable to creating rules. https://secure.wikimedia.org/wikipedia/en/wiki/Strict_Transport_Security -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgppzLMj2O6wx.pgp
Description: PGP signature