On Mon, Jul 29, 2013 at 7:34 PM, C. Scott Ananian cananian@wikimedia.orgwrote:
Au contraire: I think WMF has a responsibility to ensure the safety and security of its editors, who might be working on topics controversial in their home regions.
Obviously, which is why our SSL security is currently relatively good.
On that note, I'll be pushing in a change soonish to add GCM cipher support for TLS 1.2. I don't believe it's possible to have TLS 1.1 use a block cipher while TLS 1 uses RC4 when using a server cipher list, at least not in nginx nor apache.
- Ryan