-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > The "make firefox" rule uses wget to get a few files. Is this because you > don't want to distribute signatures on Github? Ideally, it would use local > files only. I was referring to the HTTPS statement. I'd like to deepen this statement. There are signatures and I also think that the GitHub clone reduce the complexity. I agree that the latter will be the default. However HTTPS is used both in the clone and in the process to get my public key.
> Well, it crashed my machine... I had to reboot the whole thing. It would be > nice if it did something more graceful when presented with 20 links at the > same time, even if it is just asking for confirmation. Why 20? Why not 10, 30 or other numbers? However to avoid DOS attacks, very plausible, is useful to have a maximum requests per second. When this limit is reached the extension blocks other request and warns the user. This is a vital feature.. ;) > Also, I think your tool could be quite useful for several different use > cases. Perhaps it's better to have the default configuration being > unobtrusive, but allow the user to switch on more defenses if they like. I think that the opposite is better. *The user* sets as default "Open here mode" (not secure), and then, trough Quick Settings, it could switch to "redirection mode". Quick Settings has to be very flexible. More secure default, is better.. I repeat: the extension did its job. However why do you not whitelist these (20+) URLs (or related domains), if you consider them trustworthy? > (I think this idea needs a bit more thought!) I agree. It's something not, principally, related to this extension. I'm also waiting to try the stable 4.0. Best Regards, Raffaele. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE9bU8N8AgwMcjiC1xjTxG+6f1ce4FAlp3Qf4ACgkQjTxG+6f1 ce7BnhAAwF/AY+45vN0w7bnRTv2Db5p6sHwDphKJ0zodyHOdvVb6oUyt6JFkHvbA u/xsZflBRhZr82u2B+17//lyazXjBN3JiZkDPhKyDie0frlS/4YtTu8W2hNorzOu lW3QFvie9qsPyPjSqtgUijS7nkPguXCDnbPmYPnnYQLyubI7MOVKD8E+ePW5WAdj E1lMZvSRot47oB7I7RvCzo1tqSDj6pb72JlTFL1OARYQqyKV5kMOnDOFi4mONCat tt+u3dMgEm4eQ7k+Y3PEVLmLcw9p2RYawRsF8n+8RZHdCHc1UTpL2hwvii+Um0jW kggj5GA83wTn6q+4xf4TkVulPMZX9lYagp4Lv3KvQjAxL+Gw+HFhOY9ryREKLcSs O8hX1VbZBDIk2y2A76+x3AhGPqlpoAzDAKcti9au9ftUw7lbTpZMDTp79DqJiHLD TAcNmk5xvzzj9yJiswSVff5ykf51ogFVndQpzKxfgwGOqoZtx7w69v46nCp9dnjx qVD193N5MAlm9ewvGAwYReepcNW0rpBhP69dTzuYFGQzQ5t72ip6Jr7YWa9ReYf2 e3eBzs4jyx9Bsm6IzP0kphcWwp4goxlymnm/Bwa1Knx9RdpZzekVo46ujiC6SZI6 Npbmf5EYLtYqFLXdujuva8CBg1jbBfUSpvBP0KQMov8E9RiEk+s= =lITa -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/4RuL5V-Z2zYXtQHBzASIEQrJWZaKhYPSjioYTd3EqMQmfmfGaKaP5NdnPAQeYd4-TnnB8fceaemTSqB0DxRwNFKVrh6BUH0JhsxrpOYzzgs%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
