On 08/23/2013 04:35 PM, Risker wrote:
I'd like to see what can be developed, however, to support Checkusers/Oversighters/Stewards who have difficulty using HTTPS
Pretty much by definition the accounts holding those bits are the one we /least/ want to have their password snooped, and the ones most likely to be targeted by malicious eavesdroppers. If we could only support some accounts to use HTTPS, those are the ones we would need to force.
Yes, it does mean that there could not be checkusers in mainland China, for instance as long as they are unable to log in through HTTPS. That would be a /good/ thing.
-- Marc