This is really fantastic. Thanks,
Habib Le 12 juin 2015 21:22:26 CET, Juliet Barbara <jbarb...@wikimedia.org> a écrit : >The Wikimedia Foundation is pleased to announce that we have begun the >transition of the Wikimedia projects and sites to the secure HTTPS >protocol. You may have seen our blog post from this morning; it has >also >been posted to relevant Village Pumps (Technical). > >This post is available online here: >https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https/ > >Securing access to Wikimedia sites with HTTPS > >BY YANA WELINDER <https://blog.wikimedia.org/author/ywelinder/>, >VICTORIA >BARANETSKY <https://blog.wikimedia.org/author/victoria-baranetsky/> AND >BRANDON >BLACK <https://blog.wikimedia.org/author/brandon-black/> ON JUNE 12TH > > >To be truly free, access to knowledge must be secure and uncensored. At >the >Wikimedia Foundation, we believe that you should be able to use >Wikipedia >and the Wikimedia sites without sacrificing privacy or safety. > >Today, we’re happy to announce that we are in the process of >implementing >HTTPS <https://en.wikipedia.org/wiki/HTTPS> to encrypt all Wikimedia >traffic. We will also use HTTP Strict Transport Security ><https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security> (HSTS) >to >protect against efforts to ‘break’ HTTPS and intercept traffic. With >this >change, the nearly half a billion people who rely on Wikipedia and its >sister projects every month will be able to share in the world’s >knowledge >more securely. > >The HTTPS protocol creates an encrypted connection between your >computer >and Wikimedia sites to ensure the security and integrity of data you >transmit. Encryption makes it more difficult for governments and other >third parties to monitor your traffic. It also makes it harder for >Internet >Service Providers (ISPs) to censor access to specific Wikipedia >articles >and other information. > >HTTPS is not new to Wikimedia sites. Since 2011, we have been working >on >establishing the infrastructure and technical requirements, and >understanding the policy and community implications of HTTPS for all >Wikimedia traffic, with the ultimate goal of making it available to all >users. In fact, for the past four years ><https://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wikimedia-foundation-wikis/>, >Wikimedia users could access our sites with HTTPS manually, through >HTTPS >Everywhere <https://www.eff.org/https-everywhere>, and when directed to >our >sites from major search engines. Additionally, all logged in users ><https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/> >have been accessing via HTTPS since 2013. > >Over the last few years, increasing concerns about government >surveillance >prompted members of the Wikimedia community to push ><https://blog.wikimedia.org/2013/08/01/future-https-wikimedia-projects/> >for more broad protection through HTTPS. We agreed, and made this >transition a priority for our policy and engineering teams. > > >We believe encryption makes the web stronger for everyone. In a world >where >mass surveillance has become a serious threat to intellectual freedom, >secure connections are essential for protecting users around the world. >Without encryption, governments can more easily surveil sensitive >information, creating a chilling effect, and deterring participation, >or in >extreme cases they can isolate or discipline citizens. Accounts may >also be >hijacked, pages may be censored, other security flaws could expose >sensitive user information and communications. Because of these >circumstances, we believe that the time for HTTPS for all Wikimedia >traffic >is now. We encourage others to join us as we move forward with this >commitment. > >The technical challenges of migrating to HTTPS > >HTTPS migration for one of the world’s most popular websites can be >complicated. For us, this process began years ago and involved teams >from >across the Wikimedia Foundation. Our engineering team has been driving >this >transition, working hard to improve our sites’ HTTPS performance, >prepare >our infrastructure to handle the transition, and ultimately manage the >implementation. > >Our first steps involved improving our infrastructure and code base so >we >could support HTTPS. We also significantly expanded and updated our >server >hardware. Since we don’t employ third party content delivery systems, >we >had to manage this process for our entire infrastructure stack >in-house. > >HTTPS may also have performance implications for users, particularly >our >many users accessing Wikimedia sites from countries or networks with >poor >technical infrastructure. We’ve been carefully calibrating our HTTPS >configuration to minimize negative impacts related to latency, page >load >times, and user experience. This was an iterative process that relied >on >industry standards, a large amount of testing, and our own experience >running the Wikimedia sites. > >Throughout this process, we have carefully considered how HTTPS affects >all >of our users. People around the world access Wikimedia sites from a >diversity of devices, with varying levels of connectivity and freedom >of >information. Although we have optimized the experience as much as >possible >with this challenge in mind, this change could affect access for some >Wikimedia traffic in certain parts of the world. > >In the last year leading up to this roll-out, we’ve ramped up our >testing >and optimization efforts to make sure our sites and infrastructure can >support this migration. Our focus is now on completing the >implementation >of HTTPS and HSTS for all Wikimedia sites. We look forward to sharing a >more detailed account of this unique engineering accomplishment once >we’re >through the full transition. > >Today, we are happy to start the final steps of this transition, and we >expect completion within a couple of weeks. > >Yana Welinder ><https://wikimediafoundation.org/wiki/User:YWelinder_(WMF)>, >Senior Legal Counsel, Wikimedia Foundation > >Victoria Baranetsky ><https://wikimediafoundation.org/wiki/User:VBaranetsky_(WMF)>, Legal >Counsel, Wikimedia Foundation > >Brandon Black <https://en.wikipedia.org/wiki/User:BBlack_(WMF)>, >Operations >Engineer, Wikimedia Foundation > > >-- >*Juliet Barbara* >Senior Communications Manager I Wikimedia Foundation >149 New Montgomery Street I San Francisco, CA 94105 >jbarb...@wikimedia.org I +1 (512) 750-5677 > > >------------------------------------------------------------------------ > >_______________________________________________ >Please note: all replies sent to this mailing list will be immediately >directed to Wikimedia-l, the public mailing list of the Wikimedia >community. For more information about Wikimedia-l: >https://lists.wikimedia.org/mailman/listinfo/wikimedia-l >_______________________________________________ >WikimediaAnnounce-l mailing list >wikimediaannounc...@lists.wikimedia.org >https://lists.wikimedia.org/mailman/listinfo/wikimediaannounce-l > > >------------------------------------------------------------------------ > >_______________________________________________ >Wikimedia-l mailing list, guidelines at: >https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines >Wikimedia-l@lists.wikimedia.org >Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, ><mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe> ..................................................... Habib M'henni Ingénieur civil et technologue à l'Iset de Nabeul Membre fondateur de CLibre et Wikimedia TN User Group http://about.me/habibmhenni http://blog.habibmhenni.tn Téléphone : +216 52232190 [K9.Andro ] _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines Wikimedia-l@lists.wikimedia.org Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>