Hi,
On Thu, Jun 25, 2015 at 10:38 AM, Deryck Chan <deryckchan(a)wikimedia.hk> wrote:
Recently Wikimedia sites switched to https-only for
privacy reasons
I think the reasons are a bit more complex (and numerous) than that.
and the
https certificate has been updated to prevent access altogether where a
secure connection couldn't be established.
What does this mean? anyway, I don't think it's accurate.
(maybe you mean the 301 or maybe you mean HSTS? neither of those
relates to the certificate)
This is a problem because some schools and companies
deliberately eavesdrop
https for monitoring purposes by inserting an in-house https certificate.
Wikimedia's switch to https-only is preventing people from such networks
from even *reading* Wikipedia.
This snooping is probably unnecessary and unwarranted. (and probably
also not comprehensive. people can find ways to tunnel. e.g.
https://packages.debian.org/sid/iodine )
Others have speculated about this place may have something
misconfigured. (e.g. how did it ever work for bank sites?) Anyway,
I'll wait for you to provide more details and establish this is a real
problem and not the client's problem before discussing it any further.
Is there a compromise that can be sought?
I don't think so.
-Jeremy