Re: Firefox: security vs flexibility or rtfm?

[Mark Copper <mcopper@straitcity.com>]

On Fri, Apr 28, 2017 at 9:14 PM, Andy Smith <andy@strugglers.net> wrote:
> Hi Mark,
>
> I think Mozilla's position is reasonable since if you allow this
> sort of thing to remain possible, nobody will fix anything. Broken
> software will ship with instructions for the users to "just make an
> exception".
>
> Would it be feasible to put a proxy in front of the HTTP-only
> service, that consumes HTTP on its backend and exposes HTTPS on its
> frontend?
>
> That way, the burden is on the administrator rather than the
> end-user, which is probably a fairer division of labour.

I think this is spot on. Thank you. A quick search shows Apache
modules mod_proxy and mod_ssl as a viable path. And with cheap single
board computers preloaded with Debian and Apache, old gear stays
economically viable. Cool.

Your point about division of labor is well-taken. While I initially
bridled at free software not being free, I understand that a publicly
distributed browser has special responsibilities--especially when
there exist secure solutions to a given problem just a little further
afield.

Mark