Hi,
Mozilla are asking for update about bug https://bugzilla.mozilla.org/show_bug.cgi?id=758857
Can anybody help?
-- Amir
---------- Forwarded message ---------- From: Ryan Lane rlane32@gmail.com Date: 2012/6/19 Subject: Re: [Wikitech-l] HTTPS Wikipedia search for Firefox? To: Wikimedia developers wikitech-l@lists.wikimedia.org
On Tue, Jun 19, 2012 at 3:39 AM, Chris Peterson cpeterson@mozilla.com wrote:
hi, I'm a developer at Mozilla and I have a patch [1] that would switch Firefox's Wikipedia search box from HTTP to HTTPS.
Who would be an appropriate technical contact at Wikimedia that I can coordinate with? Is this a change Wikimedia would welcome? Or would the increased SSL server load be an undue burden for Wikimedia? Just to be clear, this change would only affect Firefox users who search Wikipedia using Firefox's search box.
A few months ago, Mozilla switched Firefox 14 (currently in Beta) to use Google's HTTPS search [2]. If I check in my Wikipedia patch soon, the change would ride Firefox's Nightly, Aurora, and Beta release channels [3] and be released to the general public in Firefox 16 (October 2012).
Please don't do so. HTTPS is a new service, and we haven't properly load tested it yet. The first target for production load testing is for logged-in users.
I'm not opposed to the change completely, but I'd prefer to let you guys know when we're ready.
Thanks,
- Ryan
_______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
On Fri, Dec 28, 2012 at 9:37 AM, Amir E. Aharoni < amir.aharoni@mail.huji.ac.il> wrote:
Hi,
Mozilla are asking for update about bug https://bugzilla.mozilla.org/show_bug.cgi?id=758857
Can anybody help?
There's no change. We're still waiting on MediaWiki changes to occur before we switch logged-in users to HTTPS by default.
- Ryan
On Fri, Dec 28, 2012 at 1:50 PM, Ryan Lane rlane32@gmail.com wrote:
On Fri, Dec 28, 2012 at 9:37 AM, Amir E. Aharoni < amir.aharoni@mail.huji.ac.il> wrote:
Hi,
Mozilla are asking for update about bug https://bugzilla.mozilla.org/show_bug.cgi?id=758857
Can anybody help?
There's no change. We're still waiting on MediaWiki changes to occur before we switch logged-in users to HTTPS by default.
- Ryan
Which changes would those be (You said MediaWiki not WikiMedia, so I assume there are bugs for them)?
Furthermore, what does "making the firefox search box be https" have to do with having users log in to secure by default. I suppose we might not want people to loose their login if they're logged into insecure and search via firefox with secure login - is that what you're concerned about, or is it something else?
-bawolff
On Sat, Dec 29, 2012 at 6:52 AM, bawolff bawolff+wn@gmail.com wrote:
On Fri, Dec 28, 2012 at 1:50 PM, Ryan Lane rlane32@gmail.com wrote:
There's no change. We're still waiting on MediaWiki changes to occur before we switch logged-in users to HTTPS by default.
[...]
Furthermore, what does "making the firefox search box be https" have to do with having users log in to secure by default. I suppose we might not want people to loose their login if they're logged into insecure and search via firefox with secure login - is that what you're concerned about, or is it something else?
I was thinking it was just wanting to ramp up load internally first (where it's really easy and fast to ramp back down if needed) and then expand to other places when we're more confident.
Turning on HTTPS by default for all logged in users is one of those ways to ramp up load in a controlled and easily reversible way.
-Jeremy
On Fri, Dec 28, 2012 at 10:58 PM, Jeremy Baron jeremy@tuxmachine.comwrote:
On Sat, Dec 29, 2012 at 6:52 AM, bawolff bawolff+wn@gmail.com wrote:
On Fri, Dec 28, 2012 at 1:50 PM, Ryan Lane rlane32@gmail.com wrote:
There's no change. We're still waiting on MediaWiki changes to occur
before
we switch logged-in users to HTTPS by default.
[...]
Furthermore, what does "making the firefox search box be https" have to do with having users log in to secure by default. I suppose we might not want people to loose their login if they're logged into insecure and search via firefox with secure login - is that what you're concerned about, or is it something else?
I was thinking it was just wanting to ramp up load internally first (where it's really easy and fast to ramp back down if needed) and then expand to other places when we're more confident.
Turning on HTTPS by default for all logged in users is one of those ways to ramp up load in a controlled and easily reversible way.
This.
- Ryan
wikitech-l@lists.wikimedia.org