On Fri, Nov 16, 2012 at 2:50 PM, Ryan Lane <rlane32(a)gmail.com> wrote:
Awesome!
Another old hack swept away. :D
Do we have a timetable for migrating all login sessions to HTTPS yet? I
love that we've got a clean HTTPS option available, but it really skeezes
me out that we still allow logins and passwords over plain HTTP.
We're waiting on some MediaWiki development work for this. I think
Chris Steipp and Roan Kattouw would probably know more.
I've been swamped with a few other projects recently, but once they
settle down, we're very close to getting all logins going over https.
I think we should be able to enable the preference by 1.21wmf5 or
wmf6.