Hi,
Over the last years, the Wikimedia Foundation has tried to solve, on a
technical level, some of the most important problems concerning
censorship, surveillance and man-in-the-middle attacks, among others.
Nowadays, they force HTTPS connections to the Wikimedia projects.
However, without involving chapters, thematic organizations and user
groups in going ahead with HTTPS, this transition seems incomplete. A
significant number of websites around the Wikimedia movement don't
support HTTPS yet and are too vulnerable, primarily those that offer
services to the public using logins or those that serve sensitive
information.
While Wikimedia chapters that are based on the WMF infrastructure
(*.wikimedia.org) support HTTPS, most of the others have not a SSL
certificate or have it wrongly configured. Even the very infrequent
chapters that use a well-configured certificate, such as Wikimedia
Deutschland, serve mixed content (using HTTP and HTTPS at the same time)
on some pages (blog.wikimedia.de) although the user chooses HTTPS
explicitly (only constructive criticism, WMDE, you're really great!).
Please, let's work to complete this transition to HTTPS and let's help
the people who need it.
(And, as a bonus, let's develop these HTTPS-Everywhere rules when all of
the above is done...) ;-)
https://github.com/EFForg/https-everywhere/blob/master/src/chrome/content/r…
Best regards, and thanks in advance for your help,
--
David Abián -
davidabian.com
Vocal de Comunicación
Wikimedia España
Vega Sicilia, 2
47008 - Valladolid
https://wikimedia.es
Wikimedia España es una asociación sin ánimo de lucro española con
CIF G-10413698 inscrita en el Registro Nacional de Asociaciones,
Grupo 1, Sección 1, Núm. Nacional 597390.
«Imagina un mundo en el que cada persona
tenga acceso libre a todo el conocimiento».