**** Please copy replies to https-everywhere-ru...@eff.org, https-everywh...@eff.org, tor-talk@lists.torproject.org ****
Neil, can you please post to the Rules Mailing List next time, i.e. https-everywhere-ru...@eff.org...I almost missed this because it was not copied to the Rules Set's mailing list which I frequent... pay.reddit.com works fine for me.... www.reddit.com == pay.reddit.com same content in HTTPS. Can you also point out where exactly (which URL) there is a bug when the current ruleset is used? I don't see it. Which URLs so we can exclude them specifically. This is what the extension does. It redirected for example: en.wikipedia.org to secure.wikimedia.org The reasons for using HTTPS are many including to prevent snooping on the TOR Network. Am I misreading something, or Peter are you planning to disable Reddit just because someone says so? This is a slippery slope...Next thing you know all websites will want out... Removing/Disabling the whole site (when it is working) goes against all the principles that EFF stands for. Unless it doesn't work it should not be removed. On Sat Aug 6 15:18:45 PDT 2011, Peter Eckersley wrote: Hi Neil, Thanks for the bug report! We'll push an update shortly to disable the Reddit ruleset for the time being. Let us know when Reddit has HTTPS for real. (As an aside, a contributor submitted a more radical proposed ruleset for Reddit.com to our git master repository. We have not shipped it and won't do so unless you ask us to: https://gitweb.torproject.org/https-everywhere.git/blob/72056be0dcf2d74e23fac9feff798e1bb841b670:/src/chrome/content/rules/Reddit.xml ) On Fri, Aug 05, 2011 at 12:31:22PM -0700, Neil Williams wrote: > Hi there, > > We noticed that you added reddit to the HTTPS Everywhere extension > using pay.reddit.com. This is causing a lot of issues for users > because our certificates aren't set up for general purpose use (Akamai > issues etc.). We don't support HTTPS at the moment for anywhere on the > site except the self-serve advertising purchase pages. I love your > extension and we will be upgrading reddit to fully support HTTPS, but > that's not the case right now :( Is there anything you can do to stop > them from using pay.reddit.com from your extension? > > Thanks, > Neil > _______________________________________________ > HTTPS-everywhere mailing list > HTTPS-everywhere at mail1.eff.org > https://mail1.eff.org/mailman/listinfo/https-everywhere -- Peter Eckersley pde at eff.org Senior Staff Technologist Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993 _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
