-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gregory Maxwell wrote:
Anyone here have any experience with protocol relative
URLs, that is
URLs of the form "//some.domain.org/file.ext"? URLs of this form are
uncommon but appear compliant with RFC 1808.
A possible application of protocol relative URLs for MediaWiki is that
they could be used remove the problem of needing duplicate parsings of
pages containing external (and cross-domain) links in order to support
HTTPS. With that issue out of the way the only impediment to high
performance SSL is connection setup which can be addressed with
dedicated crypto cards or crypto enhanced CPUs like Ultrasparc T1/T2.
Duplicate parsing honestly isn't much of an impediment here; the primary
impediment is just configuring things properly for virtual hosts and SSL
proxies on the same IPs that we run non-SSL on.
eg, we want
https://en.wikipedia.org/wiki/Foobar to work, which requires:
* SSL proxies in each data center
* wildcart certs for each second-level domain
* appropriate connection setup for the certs to work; eg one public IP
per data center per second-level domain
We did some experimentation in this direction last year, but haven't
really got the ball rolling yet.
- -- brion
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iEYEARECAAYFAkhQE6wACgkQwRnhpk1wk44qFACfT+Az1p2L8KsQ2eRH+36Cy6w2
3M0AnjvATCGDFgUt5L32yoPTQXMFlIN5
=qKC4
-----END PGP SIGNATURE-----