----- Original Message -----
From: "Brian Wolff" bawolff@gmail.com
Thanks for taking the time to write these two emails. You raise an interesting point about having everything on one domain. I really don't think that's practical for political reasons (not to mention technical disruption), but it would allow people to be more lost in the crowd, especially for small languages. Some of the discussion about this stuff has taken place on bugzilla. Have you read through https://bugzilla.wikimedia.org/show_bug.cgi?id=47832 ?
I should think we might be able to run a proxy that would handle such hiding, no?
Personally I think we need to make a more formal list of who all the potential threats we could face are, and then expand that list to include what we would need to do to protect ourselves from the different types of threats (or which threats we chose not to care about). Some kid who downloads a Firesheep-type program is a very different type of threat than that of a state agent, and a state agent that is just trying to do broad spying is different from a state agent targeting a specific user. Lots of these discussions seem to end up being: let's do everything to try to protect against everything, which I don't think is the right mindset, as you can't protect against everything, and if you don't know what specifically you are trying to protect against, you end up missing things.
Definitely: the potential attack surfaces need to be explicitly itemized.
Cheers, -- jra