[Bug 704874] New: Update alias for webmaster guadec org

  sysadmin | Other | unspecified

           Summary: Update alias for webmaster guadec org
    Classification: Infrastructure
           Product: sysadmin
           Version: unspecified
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: Normal
         Component: Other
        AssignedTo: sysadmin-maint gnome bugs
        ReportedBy: reinouts gnome org
         QAContact: sysadmin-maint gnome bugs
     GNOME version: ---

Today, I received the following email, directed to webmaster guadec org 
Apparently my email address is (still) listed as the forwarding target, even
though I haven't been involved with the Guadec web site since 2010.

Please update the webmaster alias.

You're receiving this note because guadec.org is part of our HTTPS
Everywhere browser extension, and an upcoming change to the way
Firefox handles HTTPS pages may cause your site to display or function
incorrectly. We want to make sure that the nearly 3 million HTTPS
Everywhere users have the best possible experience while browsing, so
we're asking you to please take a minute and test how your site
behaves in Firefox 23.  You can find out more about our software at


To see the rules affecting your site, you can visit the HTTPS Everywhere
Atlas at


The Atlas shows both rules in the development and stable versions of
our extension.  Rules in the stable version are used by millions of
users, while development rules are used by tens of thousands of users.
Development rules are now being tested but will be migrated to the stable
version in the future.

**An upcoming change (described below) in how the Firefox browser renders
HTTPS content makes it especially important that you check that your site
is prepared for HTTPS access.  We urge you review the rules affecting
your site and also to test it using HTTPS Everywhere with the upcoming
version of Firefox.**

*NEW FIREFOX CONTENT SECURITY POLICY*: In the upcoming Firefox 23 browser
release, due out the week of August 6, Firefox will stop loading certain
"active" content such as scripts and stylesheets from insecure http://
URLs if they've been included from a secure https:// site.  If the HTTPS
Everywhere rules send users to the secure version of your site but the
secure version includes some content loaded over an insecure connetion,
the rendering of your site may become broken for Firefox users with HTTPS
Everywhere installed after they upgrade to Firefox 23.  You can check
this by downloading a preview release of Firefox 23, installing HTTPS
Everywhere, and visiting your site.  We urge all web site operators
to protect their users by making sure that all site content is always
loaded over a secure connection.  A preview version of Firefox 23 is
available now at https://www.mozilla.org/en-US/firefox/beta/ and the
HTTPS Everywhere extension is at https://www.eff.org/https-everywhere

HTTPS Everywhere rules instruct browsers to access certain specified
resources securely -- over HTTPS -- even if the user typed or followed
a non-HTTPS link or even if the resources were included in a page
via a non-HTTPS URL.  For example, it might automatically rewrite




or make some similar change.

The goal of this rewriting is to protect as much as possible of every web
site against sniffing and tampering by ensuring that as many site resources
as possible are loaded over a secure HTTPS connection.

When web sites are accessed insecurely, users are vulnerable to attacks by
other users on their networks.  HTTPS Everywhere aims to activate sites'
existing HTTPS protection more consistently to make sure users are as
well-protected from these attacks as possible -- including attacks like
sidejacking and SSL stripping.


As a result, we think there's an emerging consensus to make all web sites
secure, not just financial sites and login pages.  Providing a secure
connection helps protect users' login credentials, but also helps protect
their privacy and security even when accessing public resources, for
example by preventing network operators from injecting malware downloads.

The goal of HTTPS Everywhere is to make the web more secure and help
users express their preference to use the secure version of every site
automatically, even on sites where this is not the default.  We don't want
to break sites or harm users' experience.  So, we encourage webmasters to
test the effect of HTTPS Everywhere on their sites and fix any problems
that result -- ideally, by making sure that all resources that make up
a site are available over HTTPS, using a current, valid certificate.
Although we only include rules that we've been told and believe work
properly, we can't always anticipate whether a rule adversely affects a
site, especially if the site's URL structure, use of CDNs, or level of
HTTPS support changes over time.

We are always happy to receive bug reports, updates, and fixes to HTTPS
Everywhere rules.  We will also make rules inactive by default if a
site operator asks us to.  Although we are working for a web where
all sites are secure, we are not trying to use this software to force
sites to use HTTPS against their operators' wishes.  You can send any
corrections, updates, or requests to https-everywhere-rules eff org
(which is a public and publicly-archived mailing list), or by replying
to this e-mail address.

Thanks for your attention!

Seth Schoen, Senior Staff Technologist, Electronic Frontier Foundation
for the HTTPS Everywhere development team

Configure bugmail: https://bugzilla.gnome.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the QA contact of the bug.
You are watching the assignee of the bug.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]