On 03/30/2014 08:08 PM, Paul Wise wrote: > On Wed, 2014-03-05 at 16:13 +0800, Paul Wise wrote: > >> Yeah, that is why I suggest only submitting domains rather than rules. >> When you get new domains submitted by users you can pro-actively check >> the ruleset, test the domains from multiple network points and update >> the ruleset. > > On that note, do submissions from the SSL observatory get turned into > HTTPS Everwhere rulesets at all? >
Not currently, though I would be worried about people submitting spoofed certs. We'd still have to check the domains to make sure the site supports SSL and nothing is terribly broken.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
