Comets, I can answer that. From the dev who switched HTTPS on during prime
usage times, complained about working 60+ hours this week, then left for
the day.
I get the impression that the WMF doesn't give a shit about those users who
choose to opt-out of HTTPS for one reason or another. It's basically your
now screwed, it works for us so figure it out without us.
On Friday, June 12, 2015, Comet styles <cometstyles(a)gmail.com> wrote:
Congrats, you just made internet shitty for all 3rd
world countries
and did you people even bother to find out how it will affect users in
China or Iran where HTTPS is BANNED?.
On 6/13/15, Tito Dutta <trulytito(a)gmail.com <javascript:;>> wrote:
Great job. :)
Thanks for informing
[PS. to members, you may read the WP:VPT
<
https://en.wikipedia.org/wiki/Wikipedia:Village_pump_%28technical%29#HTTPS_…
discussion too]
On 13 June 2015 at 03:05, Habib M'henni <habib.mhenni(a)gmail.com
<javascript:;>> wrote:
> This is really fantastic.
>
> Thanks,
>
> Habib
>
> Le 12 juin 2015 21:22:26 CET, Juliet Barbara <jbarbara(a)wikimedia.org
<javascript:;>> a
> écrit :
> >The Wikimedia Foundation is pleased to announce that we have begun the
> >transition of the Wikimedia projects and sites to the secure HTTPS
> >protocol. You may have seen our blog post from this morning; it has
> >also
> >been posted to relevant Village Pumps (Technical).
> >
> >This post is available online here:
> >
>
https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/
> >
> >Securing access to Wikimedia sites with HTTPS
> >
> >BY YANA WELINDER <https://blog.wikimedia.org/author/ywelinder/>,
> >VICTORIA
> >BARANETSKY <https://blog.wikimedia.org/author/victoria-baranetsky/>
AND
> >BRANDON
> >BLACK <https://blog.wikimedia.org/author/brandon-black/> ON JUNE 12TH
> >
> >
> >To be truly free, access to knowledge must be secure and uncensored. At
> >the
> >Wikimedia Foundation, we believe that you should be able to use
> >Wikipedia
> >and the Wikimedia sites without sacrificing privacy or safety.
> >
> >Today, we’re happy to announce that we are in the process of
> >implementing
> >HTTPS <https://en.wikipedia.org/wiki/HTTPS> to encrypt all Wikimedia
> >traffic. We will also use HTTP Strict Transport Security
> ><https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security> (HSTS)
> >to
> >protect against efforts to ‘break’ HTTPS and intercept traffic. With
> >this
> >change, the nearly half a billion people who rely on Wikipedia and its
> >sister projects every month will be able to share in the world’s
> >knowledge
> >more securely.
> >
> >The HTTPS protocol creates an encrypted connection between your
> >computer
> >and Wikimedia sites to ensure the security and integrity of data you
> >transmit. Encryption makes it more difficult for governments and other
> >third parties to monitor your traffic. It also makes it harder for
> >Internet
> >Service Providers (ISPs) to censor access to specific Wikipedia
> >articles
> >and other information.
> >
> >HTTPS is not new to Wikimedia sites. Since 2011, we have been working
> >on
> >establishing the infrastructure and technical requirements, and
> >understanding the policy and community implications of HTTPS for all
> >Wikimedia traffic, with the ultimate goal of making it available to all
> >users. In fact, for the past four years
> ><
>
https://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-…
> >,
> >Wikimedia users could access our sites with HTTPS manually, through
> >HTTPS
> >Everywhere <https://www.eff.org/https-everywhere>, and when directed
to
> >our
> >sites from major search engines. Additionally, all logged in users
> ><
>
https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimed…
> >
> >have been accessing via HTTPS since 2013.
> >
> >Over the last few years, increasing concerns about government
> >surveillance
> >prompted members of the Wikimedia community to push
> ><
https://blog.wikimedia.org/2013/08/01/future-https-wikimedia-projects/>
for more broad protection through HTTPS. We agreed, and
made this
transition a priority for our policy and engineering teams.
We believe encryption makes the web stronger for everyone. In a world
where
mass surveillance has become a serious threat to intellectual freedom,
secure connections are essential for protecting users around the world.
Without encryption, governments can more easily surveil sensitive
information, creating a chilling effect, and deterring participation,
or in
extreme cases they can isolate or discipline citizens. Accounts may
also be
hijacked, pages may be censored, other security flaws could expose
sensitive user information and communications. Because of these
circumstances, we believe that the time for HTTPS for all Wikimedia
traffic
is now. We encourage others to join us as we move forward with this
commitment.
The technical challenges of migrating to HTTPS
HTTPS migration for one of the world’s most popular websites can be
complicated. For us, this process began years ago and involved teams
from
across the Wikimedia Foundation. Our engineering team has been driving
this
transition, working hard to improve our sites’ HTTPS performance,
prepare
our infrastructure to handle the transition, and ultimately manage the
implementation.
Our first steps involved improving our infrastructure and code base so
we
could support HTTPS. We also significantly expanded and updated our
server
hardware. Since we don’t employ third party content delivery systems,
we
had to manage this process for our entire infrastructure stack
in-house.
HTTPS may also have performance implications for users, particularly
our
many users accessing Wikimedia sites from countries or networks with
poor
technical infrastructure. We’ve been carefully calibrating our HTTPS
configuration to minimize negative impacts related to latency, page
load
times, and user experience. This was an iterative process that relied
on
industry standards, a large amount of testing, and our own experience
running the Wikimedia sites.
Throughout this process, we have carefully considered how HTTPS affects
all
of our users. People around the world access Wikimedia sites from a
diversity of devices, with varying levels of connectivity and freedom
of
information. Although we have optimized the experience as much as
possible
with this challenge in mind, this change could affect access for some
Wikimedia traffic in certain parts of the world.
In the last year leading up to this roll-out, we’ve ramped up our
testing
and optimization efforts to make sure our sites and infrastructure can
support this migration. Our focus is now on completing the
implementation
of HTTPS and HSTS for all Wikimedia sites. We look forward to sharing a
more detailed account of this unique engineering accomplishment once
we’re
through the full transition.
Today, we are happy to start the final steps of this transition, and we
expect completion within a couple of weeks.
Yana Welinder
<https://wikimediafoundation.org/wiki/User:YWelinder_(WMF)>,
Senior Legal Counsel, Wikimedia Foundation
Victoria Baranetsky
<https://wikimediafoundation.org/wiki/User:VBaranetsky_(WMF)>, Legal
Counsel, Wikimedia Foundation
Brandon Black <https://en.wikipedia.org/wiki/User:BBlack_(WMF)>,
Operations
Engineer, Wikimedia Foundation
--
*Juliet Barbara*
Senior Communications Manager I Wikimedia Foundation
149 New Montgomery Street I San Francisco, CA 94105
jbarbara(a)wikimedia.org <javascript:;> I +1 (512) 750-5677
------------------------------------------------------------------------
_______________________________________________
Please note: all replies sent to this mailing list will be immediately
directed to Wikimedia-l, the public mailing list of the Wikimedia
community. For more information about Wikimedia-l:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l
_______________________________________________
WikimediaAnnounce-l mailing list
WikimediaAnnounce-l(a)lists.wikimedia.org <javascript:;>
https://lists.wikimedia.org/mailman/listinfo/wikimediaannounce-l
------------------------------------------------------------------------
> >
> >_______________________________________________
> >Wikimedia-l mailing list, guidelines at:
> >https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> >Wikimedia-l(a)lists.wikimedia.org <javascript:;>
> >Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> ><mailto:wikimedia-l-request@lists.wikimedia.org <javascript:;>
?subject=unsubscribe>
>
> .....................................................
> Habib M'henni
> Ingénieur civil et technologue à l'Iset de Nabeul
> Membre fondateur de CLibre et Wikimedia TN User Group
>
http://about.me/habibmhenni
>
http://blog.habibmhenni.tn
> Téléphone : +216 52232190
> [K9.Andro ]
> _______________________________________________
> Wikimedia-l mailing list, guidelines at:
>
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
> Wikimedia-l(a)lists.wikimedia.org <javascript:;>
> Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
> <mailto:wikimedia-l-request@lists.wikimedia.org <javascript:;>
?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l(a)lists.wikimedia.org <javascript:;
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org <javascript:;>
?subject=unsubscribe>
--
Cometstyles
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org <javascript:;>
?subject=unsubscribe>