On Sat, Aug 17, 2013 at 12:47 PM, Faidon Liambotis faidon@wikimedia.org wrote:
On Fri, Aug 16, 2013 at 08:04:24PM -0400, Zack Weinberg wrote:
Hi, I'm a grad student at CMU studying network security in general and censorship / surveillance resistance in particular. I also used to work for Mozilla, some of you may remember me in that capacity. My friend Sumana Harihareswara asked me to comment on Wikimedia's plans for hardening the encyclopedia against state surveillance.
<snip>
First of all, thanks for your input. It's much appreciated. As I'm sure Sumanah has already mentioned, all of our infrastructure is being developed in the open using free software and we'd be also very happy to accept contributions in code/infrastructure-as-code as well.
hi faidon, i do not think you personally and WMF are particularly helpful in accepting contributions. because you: * do not communicate openly the problems * do not report upstream publically * do not ask for help, and even if it gets offered you just ignore it with quite some arrogance
let me give you an example as well. git.wikimedia.org broke, and you, faidon, did _absolutely nothing_ to give good feedback to upstream to improve the gitblit software. you and colleagues did though adjust robots.txt to reduce the traffic arriving at the git.wikimedia.org. which is, in my opinion, "paying half of the rent". see * our bug: https://bugzilla.wikimedia.org/show_bug.cgi?id=51769, includes details how to take a stack trace * upstream bug: https://code.google.com/p/gitblit/issues/detail?id=294, no stacktrace reported
That being said, literally everything in your mail has been already considered and discussed multiple times :), plus a few others you didn't mention (GCM ciphers, OCSP stapling, SNI & split certificates, short-lived certificates, ECDSA certificates). A few have been discussed on wikitech, others are under internal discussion & investigation by some of us with findings to be posted here too when we have something concrete.
I don't mean this to sound rude, but I think you may be oversimplifying the situation quite a bit.
....
Is dedicating (finite) engineering time to write the necessary code for e.g. gdnsd to support DNSSEC, just to be able to support DANE for which there's exactly ZERO browser support, while at the same time breaking a significant chunk of users, a sensible thing to do?
i don't mean this to sound rude, but you give me the impression that you handle the https and dns case similarly than the gitblit case. you tried some approaches, and let me perceive you think only in your wmf box. i'd really appreciate some love towards other projects here, and get things fixed at source as well, in mid term (i.e months, one or two years).
rupert