[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Let's talk about HTTPS Everywhere

On Wed, 19 Jan 2011 03:29:15 -0800, S Mathias wrote:

> Ok. It's a Firefox Add-on:
> 
> https://www.eff.org/https-everywhere
> 
> Questions:
> 
> 1) But: Why can't i find it on the offical Firefox Add-ons site?:
> https://addons.mozilla.org/en-US/firefox/

It was there:

http://webcache.googleusercontent.com/search?q=cache:udWjQhqxiWoJ:https://addons.mozilla.org/es-ES/firefox/addon/229918/+HTTPS+Everywhere&cd=3&hl=es&ct=clnk&client=iceweasel-a

> 2) Did anyone audited the "HTTPS Everywhere" code?

This dunno...
 
> 3) Can someone trust this Add-on? Is it safe to install/use?

I don't like/trust anoymous (even encrypted) proxy sites.
 
> 4) If it's so great why isn't it more prevalent?

- SSL traffic is heavy and slow
- There no need (normally) for encrypting public navigation (see the note 
below)

> What's youre opinion? Or answer? :\

My opinion is that I don't want to encrypt all the traffic, at least not 
with the slow DSL connections/hosts we have now (loading a single page 
will take seconds). I prefer to leave the SSL/TLS for sensitive data 
(logins, etc...). 

Or better yet, provide a "hardware" solution for transparently encrypt 
all the data and its transport. Software is slow >:-)

(note) I can see it could be useful for countries with non-free 
goverments, or for another, hum, uses...

Greetings,

-- 
Camaleón
Reply to: