On Mon, Oct 25, 2010 at 11:23 PM, Ashar Voultoiz hashar+wmf@free.fr wrote:
On 25/10/10 23:26, George Herbert wrote:
I for one only use secure.wikimedia.org; I would like to urge as a general course that the Foundation switch to a HTTPS by default strategy...
HTTPS means full encryption, that is either : - a ton of CPU cycles : those are wasted cycles for something else. - SSL ASIC : costly, specially given our gets/ bandwidth levels
Meanwhile, use secure.wikimedia.org :-)
I don't want to be rude, but I'm a professional large website infrastructure architect for my paying day job.
The current WMF situation is becoming "quaint" - pros use secure.wikimedia.org, amateurs don't realize what they're exposing. By professional standards, we're not keeping up with professional industry expectations. It's not nuclear bomb secrets (cough) or missile designs (cough) but our internal function (in terms of keeping more sensitive accounts private and not hacked) and our ability to reassure people that they're using a modern and reliable site are falling slowly.
It's just CPU cycles. Those, of all the things today, are the cheapest by far... Please, hand me a tough problem, like needing database storage bandwidth that only SSD can match and yet will last for 5+ years reliably, or an N^2 or N^M or N! problem in the core logic, or even using a database to store all the file-like objects and not being able to clean up the database indexes. Those are hard. CPU time, raw cycles? Easy.