All hail EFF's new Encrypt the Web with the HTTPS Everywhere Firefox Extension.
Recent Bluessky Posts- Jotwell Torts: Gregory Keating, Sponsoring Torts: Reconceptualizing Platform Liability, JOTWELL (January 13, 2026) (reviewing Jordan Wallace-Wolf, A Novel Tort Duty for Platforms that Intermediately Produce Real World User Interactions, 18 J. Tort L. 439 (2025). ), torts.jotwell.com/sponsoring-t... January 13, 2026 Jotwell
- “On the one hand, it feels weird to say the US government is attempting some low-key ethnic cleansing. On the other hand, we have a masked secret police force attempting to kidnap brown people; one government agency daydreaming about deporting 100 million people…” open.substack.com/pub/thebulwa... January 13, 2026 Bill Kristol
- Every day, something vile. But even in that context this has to be special. Esp since Trump says he's running Venezuela. January 13, 2026 Michael Froomkin
- "Papers please". Putin would be so proud. Good to see that the victim had no truck with it despite the threats. January 12, 2026 Michael Froomkin
- Jotwell Legal Hist: Samy Ayoub, Equality Before Law: Just Zionism, Political Liberalism, and the Question of Palestine, JOTWELL (January 12, 2026), legalhist.jotwell.com/equality-bef.... 1/2 January 12, 2026 Jotwell
i dunno, ssl is not trivial, server-side. insisting on it, all the time, will invariably increase load and break some sites that do automagical redirection (hotmail certainly, yahoo maybe, gmail probably not). IPv6 could in theory make this a moot point, but alas, it’ll get rolled out with widespread acceptance right around the 5th of Never.
I don’t think ipv6 has a lot to do with this (application support for ipsec? seriously??) but think this could be useful. I’m really not sure what’s at the end of the pipe and it may be the case that the endpoints are sufficiently widely distributed that computational load associated with SSL/TLS is largely a moot question. There are an awful lot of sites using unencrypted password-based authentication, and that needs to be protected (even though it won’t protect things like pop and imap).
Also, to the “5th of Never” comment, I’d probably go with the 3rd of Never – v6 support is already available on Google, Youtube, Facebook, and a bunch of other high-traffic sites. I work at a DOD-affiliated center and I’d guess the majority of my network traffic is transported over v6.
There are potentially some sort-of weird topological issues here (and getting back to the v6 thing, what *about* v6?) but on balance I’d say this is more good than bad, and that’s good.