Antoine Musso <hashar+wmf(a)free.fr> wrote:
> (ensuring the NSA never gets your private keys)
Which they might already have =)
Or they might get anytime. If I understand it correctly,
the NSA didn't steal the root passwords for Google, Facebook
and the like, but properly served subpoenas. They could do
(or have done) the same for the WMF, provided that the legal
requirements are fulfilled.
Enabling SSL for *this* use case is like stocking up ammo
for the visit of the tax collector; it doesn't make you tax-
exempt, it just means the collection might be a tad more
complicated.
Emphasis should be put on that the benefits of HTTPS every-
where are primarily against *illegal* snooping.
Tim