To date internal surveys have run on a non-encrypted LimeSurvey instance hosted on a WMF server. It's ironic that this server has been just taken down because of potential security issues (SQL injection). I'd recommend that we ask researchers to use standard encryption whenever possible (Limesurvey for one does support HTTPS).

Dario

On Sep 28, 2011, at 7:52 AM, Aaron Halfaker wrote:

Usually, I'd expect an encrypted connection between user and server so that the survey data can be protected against a man-in-the-middle attack.  However, this particular survey doesn't ask for information that is very personal in nature with the possible exception of age group (e.g. 13-20, 21-30, ..., 51 and above).

-Aaron

On Wed, Sep 28, 2011 at 9:28 AM, Goran Milovanovic <goran.s.milovanovic@gmail.com> wrote:
What is the usual way to do it? Use SSL? What are the previous
experience and how did the RCom responded previously to similar
requests?

Best,
G.

On Wed, Sep 28, 2011 at 4:26 PM, Aaron Halfaker
<aaron.halfaker@gmail.com> wrote:
> Hey folks,
> The researcher running one of the new projects
> (http://meta.wikimedia.org/wiki/Research:Anonymity_and_conformity_over_the_net)
> wants to have editors take a survey, but not use SSL or any other data
> encryption technology.  What do you think?
> -Aaron
> _______________________________________________
> RCom-l mailing list
> RCom-l@lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/rcom-l
>
>



--
--------------------------------------------------------------
"Truth is much too complicated to allow
anything but approximations."
                             :: John von Neumann
--------------------------------------------------------------
http://www.milovanovicresearch.com

_______________________________________________
RCom-l mailing list
RCom-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/rcom-l

_______________________________________________
RCom-l mailing list
RCom-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/rcom-l