Hi everyone,
We're planning to have our regular ArchCom-RFC IRC meeting in a couple
of hours. Phab event: <https://phabricator.wikimedia.org/E198>
Location: #wikimedia-office IRC channel
Meeting type: Problem definition
Time: 2016-06-01 Wednesday 21:00 UTC (2pm PDT, 23:00 CEST)
The experiment using Phab Conpherence rooms for public discussions
continues with Phab:Z425. I will optimistically say this has not
*yet* succeeded :-) [1]
The topic ArchCom agreed to focus on this week is Security. Here's a
few candidate topics for us to discuss in today's meeting:
* T135963: Add support for Content-Security-Policy (CSP) headers in MediaWiki
* T75953: RFC: MediaWiki HTTPS policy
* T123753: Establish retrospective reports for #security and
#performance incidents
Broadly speaking: the theme for today is "security is everyone's job".
Really, it is. If you have +2 rights, and you *don't* think security
is your job, please think about why you deserve to keep that right.
We all have a responsibility to step up our game in this area. Let's
use today's IRC meeting to figure out how we intend to step up.
Rob
[1] The thing that makes me optimistic about Conpherence is that
it's a persistent log of a linear conversation that integrates well
with the rest of Phabricator. The Z425 Conpherence:
<https://phabricator.wikimedia.org/Z425>
More thoughts later here:
<https://www.mediawiki.org/wiki/User:RobLa-WMF/Conpherence>, and the
talk page there is a good place for off-thread replies.