Michael Diederich wrote:
<begin name="Timwi" date="Friday 09 July 2004 23:55"/> >>did some think about an secure web implentation? When https would be >>offered, i (and i am sure other also) would prefer it. :) > >Do you mean the entire site? Do you mean you want to be able to submit >edits completely anonymously? >I can understand someone wanting complete anonymity if they're editing a >controversial or sensitive topic, but isn't HTTPS a little bit overkill?
Well, sniffing of passwords and user accounts is not so difficult, and i am often in unsecure networks with my notebook. It is not about sensitive topics - it is about the secure of the accounts.
Are you asking about Wikipedia in specific or on MediaWiki in general?
MediaWiki in general should work fine over HTTPS. If it doesn't, please send patches.
For Wikipedia, we briefly discussed the possibility a couple years ago but were stymied by the nasty virtual server problem: basically, HTTPS and name-based virtual servers don't mix.
In order to determine which hostname & configuration to use, the web server needs the Host: header sent by the client. BUT, before we get there an encrypted connection has to be set up. BUT, the certificate is verified based on the hostname. BUT, we don't know which hostname to use yet.
D'oh!
A possible way around this is to rearrange everything to different paths on a single hostname, but this could be a big pain in the ass. Further, maintaining two different sets of paths or URLs might be a problem for [parser] cache consistency.
Additionally there's the issue that any HTTPS access won't be cached at the squid level (or perhaps even the client level); if we restrict this to logins only (perhaps even optionally) then this oughtn't to impact performance too much.
Further there's the certificate issue; would we be content with a self-signed certificate (BIG WARNINGS in your browser every time you login) or will we spend the foundation's money for a big fancy corporation's stamp of approval?
-- brion vibber (brion @ pobox.com)