On 29 May 2015 at 09:14, John Mark Vandenberg <jayvdb(a)gmail.com> wrote:
- no https
(not nice - that means test accounts must be created and accessed
using passwords that are sent in essentially cleartext - so sharing
passwords with the same account name on the real wikis is a security
risk)
It's risky anyway, do you know who has access to the beta cluster? It's
not
considered secure and you do not need any NDA or anything to get access -
if you are using a real password on beta, change it. It's in labs.
https://phabricator.wikimedia.org/T50501 is about HTTPS on beta.
- no SUL with the real wikis
(probably the best choice given no https on the beta cluster, but it
complicates adding beta wiki to our existing Travis-CI test matrix
which includes real wikis)
Beta cluster will never get access to CentralAuth passwords in production.
Maybe via OpenID or something, but not proper SUL with production wikis.