From owner-freebsd-questions@FreeBSD.ORG Wed Oct 28 08:17:47 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 88D2A1065670 for ; Wed, 28 Oct 2009 08:17:47 +0000 (UTC) (envelope-from bennett@cs.niu.edu) Received: from mp.cs.niu.edu (mp.cs.niu.edu [131.156.145.41]) by mx1.freebsd.org (Postfix) with ESMTP id 5CE928FC15 for ; Wed, 28 Oct 2009 08:17:47 +0000 (UTC) Received: from mp.cs.niu.edu (bennett@localhost [127.0.0.1]) by mp.cs.niu.edu (8.14.3/8.14.3) with ESMTP id n9S8GoJe028303; Wed, 28 Oct 2009 03:16:50 -0500 (CDT) Date: Wed, 28 Oct 2009 03:16:50 -0500 (CDT) From: Scott Bennett Message-Id: <200910280816.n9S8Gocq028302@mp.cs.niu.edu> To: freebsd-questions@freebsd.org, Michael Powell Cc: Alexander Best Subject: Re: howto use https in favour of http X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Oct 2009 08:17:47 -0000 On Tue, 27 Oct 2009 09:32:21 -0400 Michael Powell wrote: >Scott Bennett wrote: > > >>>> Alexander Best wrote: >>>>>> Hi, >>>>> >>>>>>> i've added the following line to my /etc/hosts: >>>>> >>>>>>> permail.uni-muenster.de:25 permail.uni-muenster.de:443 >>>>> >>>>>>> so what i want is for freebsd to never use http, but https for that >>>>>>> address. >[snip] > >Perhaps the easiest direct solution is to bookmark > >https://permail.uni-muenster.de/ in the browser bookmarks instead of > >http://permail.uni-muenster.de/ > If he wants to apply the HTTPS requirement only to a particular page (e.g., the home page) at a web site, that *might* work. OTOH, there may be points of failure, such as this example in the page whose URL is shown above. Depending upon a bookmark would also fail to apply the restriction to any links to other pages at the same site that the user might click on on the page. It also ignores the many dozens (hundreds?) of security problems that are fixed/blocked by plug-ins like NoScript and Torbutton. Once NoScript has been installed, it is plenty easy, as I outlined previously, to apply such a restriction to an entire web site or to all web sites in a given domain. Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at cs.niu.edu * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * **********************************************************************