Good question.
There are two steps to this: 1) Move all logins to TLS 2) Move all logged in users to TLS
The former was dependent on a bug with E:CentralAuth that was causing $wgSecureLogin to malfunction. I am not sure whether this bug was ever fixed (I remember seeing Chris submit a patch for it, but I think it was abandoned).
Also, the discussion on https://bugzilla.wikimedia.org/show_bug.cgi?id=52283 is probably a blocker for enabled $wgSecureLogin (which would be a pre-requisite for either of the two above steps).
*-- * *Tyler Romeo* Stevens Institute of Technology, Class of 2016 Major in Computer Science www.whizkidztech.com | tylerromeo@gmail.com
On Wed, Jul 31, 2013 at 2:36 PM, David Gerard dgerard@gmail.com wrote:
Jimmy just tweeted this:
https://twitter.com/jimmy_wales/status/362626509648834560
I think that's the first time I've seen him say "fuck" in a public communication ...
Anyway, I expect people will ask us how the move to all-SSL is progressing. So, how is it going?
(I've been telling people it's slowly moving along, we totally want this, it's just technical resources. But more details would be most useful!)
- d.
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l