Ok, so we should allow non-SSL so that in totalitarian countries with internet snooping, people can contribute to a free encyclopedia that's generally censored by totalitarian countries anyway, in a way that their government can snoop on their connections and see exactly what they're doing and so put them in jail?
Maybe we should be reconsidering how we deal with Tor to allow sane HTTPS-over-Tor connections.
-- brion
On Tue, Apr 30, 2013 at 12:59 PM, Matthew Walker mwalker@wikimedia.orgwrote:
We enabled it for about an hour previously (before reverting due to the centralauth bug), and the change was barely noticeable in ganglia.
Do we have numbers on what this did to the number of active editors during that time period? Esp. broken down on a per country basis?
I think I want to agree with Petr -- we should not be forcing SSL always; we should be respecting what the user requested. In that way if it ever becomes enforced by a government that SSL is disallowed users may still contribute to the site. (Remember we block things like Tor so they can't even proxy around it.)
Perhaps we should just make it really obvious on the login page (e.g. big button to login via SSL, small button to not do so.)
~Matt Walker Wikimedia Foundation Fundraising Technology Team
On Tue, Apr 30, 2013 at 12:21 PM, Chris Steipp <csteipp@wikimedia.org
wrote:
On Tue, Apr 30, 2013 at 12:00 PM, Faidon Liambotis <faidon@wikimedia.org
wrote:
That being said, my gut tells me that making all the logins SSL-enabled is not going to make a significant difference compared to current
usage,
but I don't have any numbers to back this up right now. Maybe Ryan has them.
We enabled it for about an hour previously (before reverting due to the centralauth bug), and the change was barely noticeable in ganglia.
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l