On Thu, Jun 6, 2013 at 6:56 PM, Tyler Romeo <tylerromeo(a)gmail.com> wrote:
Quick two questions:
1) Was that bug with E:CentralAuth that prevented us from turning on
$wgSecureLogin ever fixed? If so, can we attempt another deployment?
2) I noticed something in the signpost:
Walsh told the *Signpost* that while moving to an https default is a goal
the WMF is actively working on, doing so is not
"trivial"—it is a
delicate
process that the WMF plans to enable in graduated
steps, from logged-in
users to testing on smaller wikis before making it the default for
anonymous users and readers on all projects.
Is this at all true? Because from what I've been told on bug reports it
seems like turning on HTTPS would indeed be a trivial step and that the
operations team has confirmed we can do it at will. I also question the
definition of "actively working on". ;)
You are misreading. What is being discussed is HTTPS by default for
anonymous readers.
- Ryan