Tim sets out some excellent points; in particular it's a good reminder that there is a continuum of options.
I've tended to advocate on the protest side of things, but I would like to posit another option: we don't have to operate *everything* under the auspices of Wikimedia Foundation, Inc (a Florida not-for-profit corporation). Our organizational goal is not "make Wikipedia.org a popular web site in all countries", it's to make knowledge available to everyone in their own language. I would love to see Wikipedia content made available in China on Chinese infrastructure operated by a Chinese organization, with total ability to determine their own security and censorship policies. "But that's what Baidu did and we hate them!" you say? We could work *with* such an organization to coordinate, share content, etc, without compromising basic web security for our sites or giving up our liberal content policies on Wikipedia "proper". I know this runs counter to our group tendency to centralization but we should remember that Open Content is *meant* to be distributed and redistributable. Centralization is often convenient but shouldn't be mandatory. -- brion On Sep 3, 2013 8:22 PM, "Tim Starling" <tstarl...@wikimedia.org> wrote: > On 04/09/13 05:38, Terry Chay wrote: > > This part of the discussion has strayed a bit far from the politics > > of encryption. ;-) > > > > Not that it doesn't have value, but if I can bring it back on-topic > > for a moment… > > > > The gist of the HTTPS issues is that it's simply not an engineering > > discussion, it's a political one. > > Yes, obviously, hence the subject line. > > > It's important to outline what our choices are and > > the consequences of those choices, and derive consensus on what the > > right choice is going forward, as it is clear what we have now[1] > > is a temporary band-aid.[2] > > I don't think it is clear. We have a variety of options open to us, on > a spectrum of appeasement versus protest. From the former to the > latter, we have: > > 1. Make ourselves subject to Chinese law and do what they tell us to > (i.e. open a datacentre in China). > 2. Use a technical setup which implicitly cooperates with their > existing system for censorship of foreign content (i.e. use > unencrypted HTTP). > 3. Use a technical setup which is inherently incompatible with the > existing system of censorship, thus forcing the Chinese government to > block us (i.e. use HTTPS). > > I don't see option 2 as a band-aid, I see it as a moderate path > between appeasement and protest, which allows us to remain popular in > China without explicitly supporting censorship, with minimal risk to > our staff. Of course, it has its down sides. > > None of the three options are without risk to our users. Probably the > most risky for our users is option 3, which encourages users to > circumvent censorship, in violation of Chinese law. It turns our users > into activists. > > There's nothing inherently wrong with activism, but I think we have an > ethical responsibility to be fully aware of the risks we are > encouraging our users to take, and also to understand the benefits > which are likely to come from successful activism, so that we can > decide whether the action we are inciting is rational and prudent. > > -- Tim Starling > > > _______________________________________________ > Wikimedia-l mailing list > Wikimedia-l@lists.wikimedia.org > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> _______________________________________________ Wikimedia-l mailing list Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>
