HTTPS Everywhere Rule Sets for UMBC, tools.ietf.org

The server tools.ietf.org supports TLS, but my browser's HTTPS Everywhere seems unaware of this fact. So I wrote a rule set for that server. I have previously posted here an HTTPS Everywhere rule set for an oft-used (by me) server at UMBC; for convenience, this is reproduced below.

<ruleset name="tools-ietf">
  <target host="tools.ietf.org" />

  <rule from="^http://tools\.ietf\.org/" to="https://tools.ietf.org/" />
</ruleset>

<ruleset name="userpages-UMBC">

  <target host="userpages.umbc.edu" />

  <rule from="^http://userpages\.umbc\.edu/" to="https://userpages.umbc.edu/"/>

</ruleset>

Where do these rules go? See the EFF docs or my prior description.

HTTPS Everywhere Rule Set for userpages.umbc.edu

Many of the servers at  UMBC do not support HTTPS, but userpages.umbc.edu, the server(s) for user home pages, does. However, probably few people access it securely. For those using HTTPS Everywhere, I wrote an extension for HTTPS Everywhere:

<ruleset name="userpages-UMBC">

  <target host="userpages.umbc.edu" />

  <rule from="^http://userpages\.umbc\.edu/" to="https://userpages.umbc.edu/"/>

</ruleset>

I haven't figured out how to install this in my Chrome profile, but it works fine with Firefox HTTPS Everywhere. Tips would be appreciated.

First, HTTPS Everywhere must be installed. Most people should install it anyway. The EFF is doing great things for the public, which is why I donate annually.

Second, the file must be installed "in the HTTPSEverywhereUserRules/ subdirectory in your Firefox profile directory" (see the EFF page). Then restart Firefox. On my Xubuntu system, this directory was

~/.mozilla/firefox/xxxxxxxx.default/HTTPSEverywhereUserRules. The penultimate part of that path will vary from system-to-system.

[ Originally omitted; added 2013-06-09 ]:
Third, the file name must match the domain name, userpages.umbc.edu in this case.

Get HTTPS Everywhere from the EFF here.

Important New Privacy Development from the EFF

The EFF now has a privacy tool called HTTPS Everywhere available as a Firefox add-on at https://www.eff.org/https-everywhere

This causes many pages that support https access to use https. Examples include Google, Wikipedia, and Amazon, as well as others I haven't tried, e.g., Twitter and Facebook. This seems a valiant attempt to make it harder to eavesdrop on traffic and simply like a good idea. It's in the spirit of "encrypt everything," the idea that all traffic should be encrypted simply because some people think encrypted traffic is likely to be more important, more likely to include incriminating informations, etc.

Related post: http://martesmartes.blogspot.com/2010/07/important-privacy-development-from.html

Sound track: Depeche Mode, "Love In Itself"

The Truth about ACTA

Michael Geist speaks on ACTA.