Hi,

Over the last years, the Wikimedia Foundation has tried to solve, on a technical level, some of the most important problems concerning censorship, surveillance and man-in-the-middle attacks, among others. Nowadays, they force HTTPS connections to the Wikimedia projects.

However, without involving chapters, thematic organizations and user groups in going ahead with HTTPS, this transition seems incomplete. A significant number of websites around the Wikimedia movement don't support HTTPS yet and are too vulnerable, primarily those that offer services to the public using logins or those that serve sensitive information.

While Wikimedia chapters that are based on the WMF infrastructure (*.wikimedia.org) support HTTPS, most of the others have not a SSL certificate or have it wrongly configured. Even the very infrequent chapters that use a well-configured certificate, such as Wikimedia Deutschland, serve mixed content (using HTTP and HTTPS at the same time) on some pages (blog.wikimedia.de) although the user chooses HTTPS explicitly (only constructive criticism, WMDE, you're really great!).

Please, let's work to complete this transition to HTTPS and let's help the people who need it.

(And, as a bonus, let's develop these HTTPS-Everywhere rules when all of the above is done...) ;-)

https://github.com/EFForg/https-everywhere/blob/master/src/chrome/content/ru...

Best regards, and thanks in advance for your help,