Quick two questions:
1) Was that bug with E:CentralAuth that prevented us from turning on $wgSecureLogin ever fixed? If so, can we attempt another deployment?
2) I noticed something in the signpost:
Walsh told the *Signpost* that while moving to an https default is a goal
the WMF is actively working on, doing so is not "trivial"—it is a delicate process that the WMF plans to enable in graduated steps, from logged-in users to testing on smaller wikis before making it the default for anonymous users and readers on all projects.
Is this at all true? Because from what I've been told on bug reports it seems like turning on HTTPS would indeed be a trivial step and that the operations team has confirmed we can do it at will. I also question the definition of "actively working on". ;)
*-- * *Tyler Romeo* Stevens Institute of Technology, Class of 2016 Major in Computer Science www.whizkidztech.com | tylerromeo@gmail.com