Opened 7 years ago

Last modified 3 years ago

#10071 new project

Highlight Perfect Forward Secrecy

Reported by: wombatrunner Owned by: pde
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Perfect Forward Secrecy (see provides better protection to users than traditional SSL encryption by preventing communications from being decrypted en masse.

However, very few sites use this. Google might be the only large provider at the moment and Facebook may be considering it.

I suggest that a styling be applied to the HTTPS Everywhere icon, or some other indication be provided, to highlight sites that use this. Making users aware that there are gradients in HTTPS security and highlighting those agencies that are doing it right fits well with the cause of this program.

Child Tickets

Change History (6)

comment:1 Changed 7 years ago by nickm

Component: - Select a componentEFF-HTTPS Everywhere
Owner: set to pde

comment:2 Changed 7 years ago by zyan

Type: enhancementproject

More generally, there could be a feature in HTTPS Everywhere that rates the site's TLS/SSL deployment on the basis of some categories like PFS ciphersuites, key size, and HSTS support. I'm going to change this to "Project" since implementing it would be a significant effort.

comment:3 Changed 6 years ago by cypherpunks

Summary: Highlight Perfect Forward SecrecryHighlight Perfect Forward Secrecy

comment:4 Changed 6 years ago by mmcc

I think there's an important distinction here: should we indicate whether the website supports FS, or whether we're using FS for the current connection? I think the latter would be more direct and useful. FS support usually implies FS use, but things like misconfigured cipher preferences or tampered-with cipher lists are dangerous exceptions.

Is anyone working on this? I'm interested in doing some development on it over the next couple of days. I have little icon graphic design experience, but the JS seems pretty straight-forward.

comment:5 Changed 6 years ago by mmcc

comment:6 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.